+2712 88 00 258
KB20230607/01: Sage 300 People Tip & Trick – How to replace an expired Secure Sockets Layer (SSL) certificate with a new one.
What is an SSL certificate?
An SSL certificate is a digital certificate that authenticates a website’s identity and enables an encrypted connection. SSL stands for Secure Sockets Layer, a security protocol that creates an encrypted link between a web server and a web browser.
Below follows the instructions on how to replace an expired SSL certificate for Sage 300 People Web Self Service.
Step 1:
Log on to the web server and click on the Windows icon at the bottom left.
Type Run and enter MMC once it is open.
Click on File and Add/Remove Snap in.
Click on Certificates and Add select Computer Account, Next and click on OK
Expand Console Root and go in to the Personal folder and Certificates.
Confirm that the valid SSL certificate is there and has a Friendly Name.
Step 2:
Open Powershell and run the NETSH HTTP show SSLCERT command.
Step 3:
Run the NETSH HTTP Delete SSLCERT 0.0.0.0:9443 to delete the binding to the certificate.
Step 4:
Under “Sites,” select the site to be secured with SSL.
Step 5:
In the “Site Bindings” window, click “Add…” This will open the “Add Site Binding” window.
Step 6:
From the drop down select the SSL certificate and change the Type to HTTPS and the port to 443. Once done click on “OK”.
Step 7:
Run the Peoplesetup.exe, navigate to Tools and select Add a SSL Certificate.
Step 8:
Select Add SSL Certificate and from the drop down select the certificate and click on Add Certificate.
Make sure that the port is set to 9443 and for the mobile app the same can be done, just change the port to 8943.
Step 9:
Open Powershell and run the command NETSH HTTP Show SSLCERT and make sure the certificate binding is correct. Binding must be 0.0.0.0:443, 0.0.0.0:9443 and if the mobile app has been configured, port 0.0.0.0:8943. These are all HTTPS ports for enhanced security.
It is highly recommended to use a valid SSL certificate when publishing your People Web Self Service to make it publicly accessible.
An SSL certificate can be purchased from different vendors like Digicert.com or from your internet service provider.
Step 10:
Restart all services by using the Scheduler Service.
