Once you have obtained the signed certificate and its private key, you
need to install them on the IXIA TEXTML Server.
About this task
The procedure below assumes that you have the following files:
- textml_signed_cert.pem:
Signed CA certificate for the TEXTML Server
- textml_cert_privatekey.pem: Private key generated when doing
the certificate signing request
To configure the TEXTML Server:
Procedure
-
Copy the textml_signed_cert.pem and textml_cert_privatekey.pem files to the following
directory:
- Windows: C:\ProgramData\IxiaSoft\Certificates
- Linux: /opt/ixiasoft/certificates/
Note: Create the Certificates directory if it does not exist. The path to the certificate directory is hardcoded in some files, such as /perl/CommonSubs.pm. Some scripts or actions may fail if the certificates are not in the default location.
-
Open the TextmlServerCfg.xml file with a text editor.
This file is located in the following directory:
- Windows: C:\ProgramData\IxiaSoft\TextmlServer43
- Linux: /opt/ixiasoft/textmlserver/%instance-name%/
-
Look for the
<SSL>
section of the configuration:
<SSL>
<UseSSL>False</UseSSL>
<SSLPort>2551</SSLPort>
<UseSSLOnly>True</UseSSLOnly>
<CertificatePath>./</CertificatePath>
<PrivateKeyPath>./</PrivateKeyPath>
<ClientCertificatePath>Certificates</ClientCertificatePath>
</SSL>
-
Enter the following information:
Option | Description |
---|
UseSSL |
Enables SSL security. Enter True (SSL is enabled) or False (SSL is not enabled). |
SSLPort |
Enter the port number used for the secure
connection. |
UseSSLOnly |
The TEXTML Server can
support both secure and non-secure connections on separate ports. To
force the TEXTML Server to allow secure
connections only, set this field to True . This will disable the non-secure port defined in the
configuration.IXIASOFT recommends that you set
this field to True . |
CertificatePath |
Enter the path to the signed certificate. |
PrivateKeyPath |
Enter the path to the private key. |
ClientCertificatePath |
This field applies when replication is used. On the
secondary TEXTML Server, enter the path to the
root CA certificate. Leave this field as is if your
deployment is not using replication. |
For
example:
<SSL>
<UseSSL>True</UseSSL>
<SSLPort>2551</SSLPort>
<UseSSLOnly>True</UseSSLOnly>
<CertificatePath>
C:\ProgramData\IxiaSoft\Certificates\textml_signed_cert.pem
</CertificatePath>
<PrivateKeyPath>
C:\ProgramData\IxiaSoft\Certificates\textml_cert_privatekey.pem
</PrivateKeyPath>
<ClientCertificatePath>Certificates</ClientCertificatePath>
</SSL>
-
Restart the TEXTML Server.
The
TEXTML Server should now
be able to respond to secure connection requests on the port you have specified.
Note: Look at the TEXTML Server
log to confirm that the server started properly. If the logs contain an SSL
error, then an error occurred when creating the certificates or when
configuring the TEXTML Server. Make sure that you created and signed the
certificate as documented in these procedures and try
again.