Similar presentations:
SSL server configuration. Update
1. UDI: RSSBus Partner Configuration
SSL Certificate Update2. SSL Server Configuration Update
• The FDA ESG’s SSL certificates will expire– Test 11/20
– Production 11/26
• The FDA ESG Test continues to work with the old certificate, but the
new certificates should be applied
• RSSBus has issues importing the native certificate file provided by the
FDA, so our process is to just download the certificate from the FDA’s
website. It is safer and cleaner this way as we know the certificate is
valid since it is retrieved from their website.
• The process that follows shows how to update the RSSBus FDA
partner
• Test should be updated as soon as possible. Production can wait until
after 11/26 as the new certificate will not be available on their website
until then.
• This process will repeat annually as the FDA’s new certificates are only
valid for one year.
3. SSL Update Process
1. Download certificate from FDA website1. Esgtest.fda.gov
2. Esg.fda.gov
2.
3.
4.
5.
6.
7.
8.
9.
Export Certificate to x.509 crt format
Place certificate on AS2 Server
Login to RSSBus web application
Import new certificate via web application
Update SSL Certificate for FDA ESG Partner
Save Partner changes
Verify changes
Send test file
Not sure how the FDA will feel about step #9 in Production, but I feel it is
necessary to make sure the changes are completed correctly. Step #9 will
generate some “ack” files from the FDA that will fail, but these are just a
byproduct of the test.
4. Download Certificate
• Using FireFox, go to https://esg.fda.gov5. Download Certificate
• Click security icon next to URL• Select More Information
6. Download Certificate
• Select View Certificate7. Download Certificate
• Select Details8. Download Certificate
• Click Export9. Download Certificate
• Save file to disk in crt format with filename10. Update Partner
• Access RSSBus server• Copy crt file from disk to RSSBus server
– Most setups have a folder called “certs” or “cert” under the <as2 integration
home> directory
– You can place the file there
• Login to RSSBus using web login
(https://<server>.<domain>:4080/rssbus or
https://localhost:4080/rssbus
– If unable to remember RSSBus password, find file tomcat-users.xml in your
<tomcat home>/conf folder and inside the file you will find the user name
and password here
<user name=“xxxxxx" password=“xxxxx" roles="rssbus_appuser,rssbus_admin,admingui,manager-gui,manager-status,manager-script,manager-jmx" />
• Once logged in select AS2 Connectopr
11. Update Partner
• Select Partner you want to update– Select FDA Test Partner (AS2 Identifier = ZZFDATST)
• On Partner, select Settings
12. Update Partner
• Scroll down and select “Select Certificate” for SSL Server Configuration• Click “Browse” to locate crt file copied to AS2 Server
13. Update Partner
• Locate crt file on server and select OK• Select “Import Certificate” after selecting file
14. Update Partner
• Click Save Changes after making update to SSL Server Certificate15. Update Partner
• Check for green messages after saving changes16. Send Test File
• Create test txt file with “Hello World”– Name text file “test.txt”
– This type of file will bypass any Agile integrations, and will cause some
error logs/files, but is necessary
• Login to RSSBus and select FDA Partner
• Go to “Outgoing” tab
17. Send Test File
• Click Upload Files and select “test.txt”• Wait for 5-10 seconds
– RSSBus has events triggered by new files, so best to wait until they are
complete
• Click box next to file and then hit “Send”
18. Send Test File
• Once sent, you will receive a success message which indicates theSSL Configuration is complete