-- HTTPS connection for copilot.

Here is the introduction of an HTTPS connection to the MFT Navigator (Copilot).

1. Prerequisites:
Creating a Type Certificate Server "selfsigned"
Export the certificate in pkcs12 format (for server) and PEM or DER (for customers).

2. Server side (CFT):
2.1 Copy of certificate in the directory CFT.
2.2 cftutil uconfset id = copilot.ssl.sslcertfile, value = <certificat_pkcs12>
2.3 cftutil uconfset id = copilot.ssl.sslcertpassword, value = <password_certificat>
2.4 Edit the file runtime / wwwroot / admin.html (or other html files)
Section / / SSL keystore.
Delete the reference WINDOWS SSL_KEYSTORE for the parameter, as follows:
array_push (parameters, "",""); SSL_KEYSTORE

2.5. Stop / restart Copilot

3. Client side (s)
Import the certificate into the Java keystore (used by the Applet Copilot)
To import the certificate is the public part (without private key) previously exported.

keytool-import-alias-trustcacerts copilot_https1-file "<certificat>"-keystore "<jre> \ lib \ security \ cacerts"
The keystore password is changeit, by default.

Warning! If multiple versions of Java Runtime installed on the client:
Make sure to point to the JRE used by MFT Navigator, that is returned by java-version
4. Tests
Close co-pilot sessions open, clear the Java cache
Call of the URL with https Copilot course.

5. Troubleshooting:
5.1: server-side file runtime / run / copilot.trc: CertExtractFromBuf: could not load PKCS12 certificate (error 0)
The password of the certificate is wrong => see 2.3
5.2 on the client: ERR: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Untrusted Server Certificate Chain
Verify that the server certificate was imported into the pki Java => see 3.