CSR Creation for Adobe Connect
This is a full walkthrough of how to set up and install Adobe Connect 7 Pro with SSL. If you are having trouble with your CSR creation or SSL installation, hopefully, this can clarify any issues you encountered while understanding the Adobe documentation.
Creating CSRs and Private Keys in Adobe Connect 7 Pro
You will need to create two private keys and certificate signing request files. The easiest way to do this is to use our OpenSSL CSR creation tool. Follow the instructions on that page, and make sure to use connect.yourdomain.com as the common name for the first request and connectmeeting.yourdomain.com as the common name for your second request.
You will have two key files and two CSR files. You will send the CSRs to DigiCert along with your certificate orders or reissue requests. Add a .pem extension to your .key files (they should be named connect.yourdomain.com.key.pem and connectmeeting.yourdomain.com.key.pem, respectively).
SSL Installation in Adobe Connect 7 Pro
You will be able to continue with your certificate installation once your order has been validated and you have received your signed cert files from DigiCert. These will be sent to you in an email, or can be downloaded inside your account by clicking on the order number once the certificates have been issued.
Open and backup [path_to\comserv\win32\conf_defaultRoot\Adaptor.xml]. Replace the SSL block (a little more than halfway down) with the following block of text, replacing text in brackets with the information applicable to your configuration:
<SSL> <Edge name="applicationserver"> <SSLServerCtx> <SSLCertificateFile>[<connect install path>\\connect.mydomain.com.key.pem]</SSLCertificateFile> <SSLCertificateKeyFile type="PEM">[<connect install path>\\connect.mydomain.com.key.pem]</SSLCertificateKeyFile> <SSLPassPhrase>mypassphrase</SSLPassPhrase> <SSLCipherSuite>ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH</SSLCipherSuite> <SSLSessionTimeout>5</SSLSessionTimeout> </SSLServerCtx> </Edge> <Edge name="meetingserver"> <SSLServerCtx> <SSLCertificateFile>[\\connectmeeting.mydomain.com.key.pem]</SSLCertificateFile> <SSLCertificateKeyFile type="PEM">[\\connectmeeting.mydomain.com.cert.cer]</SSLCertificateKeyFile> <SSLPassPhrase>mypassphrase</SSLPassPhrase> <SSLCipherSuite>ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH</SSLCipherSuite> <SSLSessionTimeout>5</SSLSessionTimeout> </SSLServerCtx> </Edge> </SSL> |
Find the <HostPortList> node in the same adaptor.xml file. There will probably be a line of uncommented text similar to the following:
<HostPort name="edge1">$Unknown macro: {DEFAULT_FCS_HOSTPORT}</HostPort> |
Replace that entire block of text with the following text:
<HostPort name="applicationserver"ctl_channel=":19351">your application server ip:-443</HostPort> <HostPort name="meetingserver"ctl_channel=":19350">your meeting server ip:-443</HostPort> |
Next, open [<connect install path>\\custom.ini] and add the following code to the very end of that file:
ADMIN_PROTOCOL= https://\\\\ SSL_ONLY=yes HTTPS_PORT=8443 RTMP_SEQUENCE=rtmps://external-host:443/?rtmp://localhost:8506/ |
Save and close your customer.ini file.
Your RouteEntry node should be empty. Find that section and replace it with:
<RouteEntry protocol="rtmp">:;*:$ Unknown macro: {ORIGIN_PORT} </RouteEntry> |
Once you have replaced this section, save and close the VHost.xml file.
Your Adobe Connect server should now work properly, and force all non-secure traffic over to SSL.