Configure Viewing With SSL

If your organization uses Meridian Enterprise together with AutoVue from outside your firewall, you might want to secure network communications between the servers with the  Secure Sockets Layer (HTTPS).

Note:

You will need a certificate from a known certificate authority in order to configure SSL.

For information about using Internet Information Server to perform this task, see the Windows documentation.

To configure viewing with SSL:

  1. In Internet Information Services, if no SSL certificate has been installed yet, import or create a certificate.

  2. For the website that contains the Meridian Enterprise application, bind the HTTPS protocol to the certificate that you created in step 1.

  3. Open the web.config file of the Meridian Enterprise Server service in any text editor.

    By default, it is located in C:\inetpub\wwwroot\BCEnterprise.

  4.  In the binding name="basicHttpBinding_BluePrint" element, add a <security mode> element that is set to Transport as shown in the following example.

    <security mode="Transport">
  5. If you imported or created a certificate in step 1, export it to a .cer file using the Base-64 encoded X.509 format option.

    Otherwise, export the existing certificate. Do not export the private key. You may use any filename.

  6. If you have not yet installed AutoVue, start the installation as described in Install Autovue.

    If AutoVue is already installed, restart the installation program and configure the Enabling SSL Communication option as described in Install Autovue.

  7. Open a command prompt window in the bin folder of the Java Runtime Environment (for example, C:\Program Files (x86)\Java\jre7\bin).

  8. Run the keytool.exe program to add the certificate file that you exported in step 4 to the Identity JKS Keystore file with the password that you created as described in Install Autovue, for example:

    keytool -import -v -trustcacerts -alias <ComputerName> -file <PathToCERFile> -keystore <PathToJKSFile> -keypass <JKSFilePassword> -storepass <JKSFilePassword>
  9. Create a copy of C:\oracle\autovue\bin\jetty\etc\jetty-ssl.xml in the same folder and name it jetty-ssl-DMS.xml.

  10. Open jetty-ssl-DMS.xml in any text editor and set the port number to the same as in the web.config file in step 3c, for example:

    <Set name="Port">8900</Set>
  11. Comment out or remove the DOCTYPE declaration line as in the following example.

    <!--!DOCTYPE Configure PUBLIC "-//Mort Bay Consulting//DTD Configure//EN" "http://jetty.mortbay.org/configure.dtd"--> 

    If this line is left active, the BCConnectorService service may stop responding.

  12. Open the file StartDMS.bat in any text editor and modify the Jetty startup.

    Specify the jetty-ssl-DMS.xml file that you created in step 8 at the end of the launch line, for example:

    "%AUTOVUE_ROOT%\jre\bin\java.exe" ... "%JETTY_DIR%\etc\jetty_dms.xml" "%JETTY_DIR%\etc\jetty-ssl-DMS.xml"
  13. Stop the AutoVue server and the BCConnector service processes and restart them with StartDMS.bat.

    The AutoVue viewer should now work over the HTTPS protocol. You can confirm this by viewing a document in Meridian Enterprise and confirming that the protocol shown in the browser address bar is https, not http.

2023