Introduction
The WXP Collaboration Platform supports secure data transmission through custom SSL certificate configurations. This article explains how to implement a custom certificate on your Data Collector while outlining critical limitations and support considerations for your environment.
Using Your Certificate
From Release 4.9 of the WXP Collaboration Data Collector onwards, you have the ability to use your own certificate for endpoints and CMS to send data to the collector.
All you need to do is add the following lines to your vyoptacollector.xml file. Assume the data collector's server has a FQDN of 'vyopta.customer.com' and a keystore called keystore.p12 with a keystore password of 'mypass', you would add the following properties
<property key="ssl.cert.domain">vyopta.customer.com</property>
<property key="ssl.cert.location">C:\Vyopta\keystore.p12</property>
<property key="ssl.cert.password">mypass</property>Once you added the properties, you can restart your data collector.
The next step is to open a web browser to https://your.collector.server:22181, review the certificate, and verify that it matches the one being supplied. If you are viewing your cert, you have successfully applied your custom cert to the data collector.
Note
This is an advanced setting in WXP Collaboration, and is not supported or recommended. If you choose to provide your own certificate to the data collector, you will need to self-support any potential issues related to TLS and SNI. The example below shows that the HTTP feedback port on an endpoint cannot connect to the data collector because of SNI enforcement in the certificate.
If you run into issues like the ones above, our only recommendation is to use the default certificate provided in the WXP Collaboration Data Collector rather than a custom certificate.
Contact Us
For any assistance, create a support case or email support@wxp.hp.com.