Configuring SSL Certificate from Windows Certificate Store for Apache Upload Manager

Configuring SSL Certificate from Windows Certificate Store for Apache Upload Manager

1. Install the Latest Java JDK

Download and install the latest stable version of the Java JDK from https://www.oracle.com/in/java/technologies/downloads/

After the download, complete the installation of the JDK.

2. Set the Java Home with the newly installed JDK path

Check Java Installation Path:

Usually installed at: C:\Program Files\Java\jdk-xx.x.x

Set JAVA_HOME:

Right-click on This PC → Properties → Advanced system settings.

Click Environment Variables → Under System variables, click New (or update the existing one)

Variable name: JAVA_HOME
Variable value: C:\Program Files\Java\jdk-xx.x.x
Click OK.

Update Path Variable (optional but recommended):

Select the Path variable → click Edit.

Click New, then add:

%JAVA_HOME%\bin
Click OK.

Verify Configuration:

Open Command Prompt, and run:

echo %JAVA_HOME%

java -version

3. Update JVM.DLL Path in Windows Registry

The Tomcat service needs to know where to find the Java Virtual Machine (JVM). We’ll update the registry to point to the correct JDK path.

Open Registry Editor:

Press Win + R, type regedit, and hit Enter.

Navigate to the following path:

Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Apache Software Foundation\Procrun 2.0\eMAMUploadManager\Parameters\Java

Edit the JVM string to point to the jvm.dll from the latest installed JDK folder path.
For example:
C:\Program Files\Java\jdk-23\bin\server\jvm.dll



4. Edit the SSL Certificate Friendly Name

Open the Microsoft Management Console (MMC):

Press Win + R, type mmc, and hit Enter.

Click on Add or Remove Snap-in.



Select Certificates and click Add.



Choose Computer account and then Local account.




Locate the SSL certificate:

Right-click the certificate and select Properties.


Edit the Friendly Name.



Copy the new Friendly Name.

5. Configure SSL Certificate in server.xml

We need to configure the Apache Tomcat server to use the SSL certificate from the Windows Certificate Store.

Stop the Upload Manager service.

Open the Upload Manager’s server.xml configuration file:

C:\Program Files\Empress Media\eMAM Ingest Manager\eMAMUploadManager\conf\server.xml            OR

C:\Program Files\Empress Media\eMAM Gateway\eMAMUploadManager\conf

Take a backup of the XML file.

Find the line:  <Connector port="8080" protocol="HTTP/1.1"

<Connector port="8080" protocol="HTTP/1.1"
               connectionTimeout="20000"
               redirectPort="8443"
               maxParameterCount="1000"/>

Replace it with the following configuration:

<Connector port="8443"

           protocol="org.apache.coyote.http11.Http11NioProtocol"

           SSLEnabled="true"

           maxThreads="150"

           scheme="https"

           secure="true"

           keyAlias="Paste the friendly name here"

           keystoreFile=""

           keystorePass=""

           keystoreType="Windows-MY-LOCALMACHINE"

           keystoreProvider="SunMSCAPI"

           clientAuth="false"

           sslProtocol="TLS"

           sslImplementationName="org.apache.tomcat.util.net.jsse.JSSEImplementation"

           keepAliveTimeout="200000"/>


6. Start the Upload Manager Service

Start the Upload Manager service and verify that the new certificate is updated and being used for the eMAM Upload Manager.

You can access the eMAM Upload Manager URL: https://domain_name:8443/eMAMUploadManager/EMAMUploader

Notes: Make sure port 8443 is opened in the Firewall/Security Group.