Step 2: Configure the TEXTML Server to use the Certificate
Once you have obtained the signed certificate and its private key, you need to install them on the TEXTML Server.
- textml_signed_cert.pem: Signed CA certificate for the TEXTML Server
- textml_cert_privatekey.pem: Private key generated when doing the certificate signing request
To configure the TEXTML Server:
Copy the textml_signed_cert.pem and
textml_cert_privatekey.pem files to the following
Note: Create the Certificates directory if it does not exist.
- Windows: C:\ProgramData\IxiaSoft\Certificates
- Linux: /opt/ixiasoft/textmlserver/certificates/
Open the TextmlServerCfg.xml file with a text editor.
This file is located in the following directory:
- Windows: C:\ProgramData\IxiaSoft\TextmlServer43
- Linux: /opt/ixiasoft/textmlserver/%instance-name%/
Look for the <SSL> section of the configuration:
<SSL> <UseSSL>False</UseSSL> <SSLPort>2551</SSLPort> <UseSSLOnly>True</UseSSLOnly> <CertificatePath>./</CertificatePath> <PrivateKeyPath>./</PrivateKeyPath> <ClientCertificatePath>Certificates</ClientCertificatePath> </SSL>
Enter the following information:
Option Description UseSSL Enables SSL security. Enter True (SSL is enabled) or False (SSL is not enabled). SSLPort Enter the port number used for the secure connection. UseSSLOnly The TEXTML Server can support both secure and non-secure connections on separate ports. To force the TEXTML Server to allow secure connections only, set this field to True. This will disable the non-secure port defined in the configuration.
IXIASOFT recommends that you set this field to True.
CertificatePath Enter the path to the signed certificate. PrivateKeyPath Enter the path to the private key. ClientCertificatePath This field applies when replication is used. On the secondary TEXTML Server, enter the path to the root CA certificate.
Leave this field as is if your deployment is not using replication.For example:
<SSL> <UseSSL>True</UseSSL> <SSLPort>2551</SSLPort> <UseSSLOnly>True</UseSSLOnly> <CertificatePath> C:\ProgramData\IxiaSoft\Certificates\textml_signed_cert.pem </CertificatePath> <PrivateKeyPath> C:\ProgramData\IxiaSoft\Certificates\textml_cert_privatekey.pem </PrivateKeyPath> <ClientCertificatePath>Certificates</ClientCertificatePath> </SSL>
Restart the TEXTML Server.
The TEXTML Server should now be able to respond to secure connection requests on the port you have specified.Note: Look at the TEXTML Server log to confirm that the server started properly. If the logs contain an SSL error, then an error occurred when creating the certificates or when configuring the TEXTML Server. Make sure that you created and signed the certificate as documented in these procedures and try again.