To import SSL certificate and key into PowerSchool's database
In order to use the PowerSchool's API(s) or to enable Single Sign-on with 3rd-party app using SAML2, we need to enable HTTPS.
To enable HTTPS on this application server, import a certificate and private key into the database. If you have already imported a certificate on this or any other application node, skip this procedure. If you do not yet have a certificate you will have the option to import and enable HTTPS at a later time
If you choose to import, all certificates should be standard X509 certificates in standard Privacy Enhanced Mail (PEM) format. Viewed in a text editor, PEM format certificates start with "------BEGIN CERTIFICATE-----" and end with "-----END CERTIFICATE-----". The private key file should also be in PEM format. The private key password is the password you set when you generated the private key/certificate request pair. If your certificate authority provides an intermediate certificate or certificates, include them here.
My private key is in the form of: myprivate.key , so I have to convert it to .pem format with the following command (in Linux):
$ openssl rsa -in myprivate.key -out myprivate.key.pem -outform PEM
For the certificate, It should be a combined file of: my domain certificate, root certificate, and the intermediate certificate (my_combined_cert.crt).
Then go to PowerSchool > System > System Settings > Digital Certificates Management. And in the Key Store tab, Import Digital Certificate section, select "I have two files and no password (PEM)", then import myprivate.key.pem and mycert.pem. Done.
To enable HTTPS on this application server, import a certificate and private key into the database. If you have already imported a certificate on this or any other application node, skip this procedure. If you do not yet have a certificate you will have the option to import and enable HTTPS at a later time
If you choose to import, all certificates should be standard X509 certificates in standard Privacy Enhanced Mail (PEM) format. Viewed in a text editor, PEM format certificates start with "------BEGIN CERTIFICATE-----" and end with "-----END CERTIFICATE-----". The private key file should also be in PEM format. The private key password is the password you set when you generated the private key/certificate request pair. If your certificate authority provides an intermediate certificate or certificates, include them here.
My private key is in the form of: myprivate.key , so I have to convert it to .pem format with the following command (in Linux):
$ openssl rsa -in myprivate.key -out myprivate.key.pem -outform PEM
For the certificate, It should be a combined file of: my domain certificate, root certificate, and the intermediate certificate (my_combined_cert.crt).
Then go to PowerSchool > System > System Settings > Digital Certificates Management. And in the Key Store tab, Import Digital Certificate section, select "I have two files and no password (PEM)", then import myprivate.key.pem and mycert.pem. Done.
Comments
Post a Comment