• Recent
    • Tags
    • Popular
    • Register
    • Login

    Please Note This forum exists for community support for the Mango product family and the Radix IoT Platform. Although Radix IoT employees participate in this forum from time to time, there is no guarantee of a response to anything posted here, nor can Radix IoT, LLC guarantee the accuracy of any information expressed or conveyed. Specific project questions from customers with active support contracts are asked to send requests to support@radixiot.com.

    Radix IoT Website Mango 3 Documentation Website Mango 4 Documentation Website Mango 5 Documentation Website

    SSL Installation on the mango cloud

    Mango General
    5
    14
    3.9k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      JMbayo
      last edited by

      Hi Graig!
      Thanks for your response,I have created my keystore .jdk using windows key tool.and i pasted it in the directory as shown on the mango.i have not use a password to generate my key.
      this is the link i got information from: https://forum.infiniteautomation.com/topic/3725/external-ip/7

      1 Reply Last reply Reply Quote 0
      • CraigWebC
        CraigWeb
        last edited by

        Hi Jerry

        Did you use a password when creating the keystore, not the key? The logs show Mango cannot access the keystore.

        What did you put on this line in your env.properties:

        ssl.keystore.password=morethan6characters
        
        J 1 Reply Last reply Reply Quote 0
        • J
          JMbayo @CraigWeb
          last edited by

          Hi craigweb i did put : ssl.keystore.password=freetextpassword

          1 Reply Last reply Reply Quote 0
          • CraigWebC
            CraigWeb
            last edited by

            @jmbayo said in SSL Installation on the mango cloud:

            Caused by: java.security.UnrecoverableKeyException: Password verification failed

            Your logs show that the password is not correct. You need to first test your password on the keystore.

            J 1 Reply Last reply Reply Quote 0
            • phildunlapP
              phildunlap
              last edited by

              this is the link i got information from: https://forum.infiniteautomation.com/topic/3725/external-ip/7

              Did you use the keytool command exactly as it appears in this thread? If so, your keystore password would likely be changei

              1 Reply Last reply Reply Quote 0
              • J
                Jimmy Kabuya
                last edited by

                This post is deleted!
                1 Reply Last reply Reply Quote 0
                • MattFoxM
                  MattFox
                  last edited by

                  I trust you got things sorted Jimmy? Welcome to message via chat as well if you have any concerns

                  Fox

                  Do not follow where the path may lead; go instead where there is no path.
                  And leave a trail - Muriel Strode

                  1 Reply Last reply Reply Quote 0
                  • CraigWebC
                    CraigWeb
                    last edited by

                    Hi Jimmy

                    The process is as follows:

                    1. Create a keystore.jks to hold your keys
                    2. Import the certificate into the keystore.
                    3. Move the keystore onto your cloud server.
                    4. edit the env.properties folder to point to your keystore.

                    If any passwords were used on either the key or the certificate then add them to the env.properties file

                    J 1 Reply Last reply Reply Quote 0
                    • J
                      Jimmy Kabuya @CraigWeb
                      last edited by

                      This post is deleted!
                      1 Reply Last reply Reply Quote 0
                      • J
                        Jimmy Kabuya @CraigWeb
                        last edited by

                        @craigweb Thanks. Let me try that, will let you know how it goes.

                        1 Reply Last reply Reply Quote 0
                        • J
                          JMbayo
                          last edited by

                          Hi all; the SSL is now working on my cloud. I thought I would share the procedure and challenges encountered.
                          Step 0.
                          Buy a genuine SSL certificate
                          Step 1.
                          Generate a CSR to request a certificate from a recognised CA
                          Step 2
                          Generate a file.jks; on my case I used keystore explore to create a keystore.jks and load all my certificate in it.
                          Setp 3
                          I then imported it into my mango /opt/mango/overrides/properties
                          Challenges:
                          After all these steps, when I edited my env file to activate the SSL, my web page couldn’t be access. The issue was on my env file, I didn’t uncommented the ssl.key.password. I followed the instruction for using certbot which was not the right one for my case. The right is on support under configurationinstallation

                          1. ssl.on=true
                          2. ssl.port=443
                          3. ssl.keystore.location=[YOUR FULL MANGO PATH HERE]/overrides/keystore.jks
                          4. ssl.keystore.password=[leave empty if you didn’t use a password]
                          5. ssl.key.password=[leave empty if you didn’t use a password] (Note that this need to be uncommented as it is initially commented out)
                            Then I restarted mango, and that’s it
                          1 Reply Last reply Reply Quote 1
                          • First post
                            Last post