Configuring SSL Certificate from Windows Certificate Store for Apache Upload Manager

1. Install the Latest Java JDK

Download and install the latest stable version of the Java JDK from https://www.oracle.com/in/java/technologies/downloads/

After the download, complete the installation of the JDK.

2. Set the Java Home with the newly installed JDK path

Check Java Installation Path:

Usually installed at: C:\Program Files\Java\jdk-xx.x.x

Set JAVA_HOME:

Right-click on This PC → Properties → Advanced system settings.

Click Environment Variables → Under System variables, click New (or update the existing one)

Variable name: JAVA_HOME

Variable value: C:\Program Files\Java\jdk-xx.x.x

Click OK.

Update Path Variable (optional but recommended):

Select the Path variable → click Edit.

Click New, then add:

%JAVA_HOME%\bin

Click OK.

Verify Configuration:

Open Command Prompt, and run:

echo %JAVA_HOME%

java -version

3. Update JVM.DLL Path in Windows Registry

The Tomcat service needs to know where to find the Java Virtual Machine (JVM). We’ll update the registry to point to the correct JDK path.

Open Registry Editor:

Press Win + R, type regedit, and hit Enter.

Navigate to the following path:

Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Apache Software Foundation\Procrun 2.0\eMAMUploadManager\Parameters\Java

Edit the JVM string to point to the jvm.dll from the latest installed JDK folder path.

For example:

C:\Program Files\Java\jdk-23\bin\server\jvm.dll

4. Edit the SSL Certificate Friendly Name

Open the Microsoft Management Console (MMC):

Press Win + R, type mmc, and hit Enter.

Click on Add or Remove Snap-in.

Select Certificates and click Add.

Choose Computer account and then Local account.

Locate the SSL certificate:

Right-click the certificate and select Properties.

Edit the Friendly Name.

Copy the new Friendly Name.

5. Configure SSL Certificate in server.xml

We need to configure the Apache Tomcat server to use the SSL certificate from the Windows Certificate Store.

Stop the Upload Manager service.

Open the Upload Manager’s server.xml configuration file:

C:\Program Files\Empress Media\eMAM Ingest Manager\eMAMUploadManager\conf\server.xml            OR

C:\Program Files\Empress Media\eMAM Gateway\eMAMUploadManager\conf

Take a backup of the XML file.

Find the line:  <Connector port="8080" protocol="HTTP/1.1"

<Connector port="8080" protocol="HTTP/1.1"
               connectionTimeout="20000"
               redirectPort="8443"
               maxParameterCount="1000"/>

Replace it with the following configuration:

<Connector port="8443"

           protocol="org.apache.coyote.http11.Http11NioProtocol"

           SSLEnabled="true"

           maxThreads="150"

           scheme="https"

           secure="true"

           keyAlias="Paste the friendly name here"

           keystoreFile=""

           keystorePass=""

           keystoreType="Windows-MY-LOCALMACHINE"

           keystoreProvider="SunMSCAPI"

           clientAuth="false"

           sslProtocol="TLS"

           sslImplementationName="org.apache.tomcat.util.net.jsse.JSSEImplementation"

           keepAliveTimeout="200000"/>

6. Start the Upload Manager Service

Start the Upload Manager service and verify that the new certificate is updated and being used for the eMAM Upload Manager.

You can access the eMAM Upload Manager URL: https://domain_name:8443/eMAMUploadManager/EMAMUploader

Notes: Make sure port 8443 is opened in the Firewall/Security Group.

• Related Articles

• How to convert an IIS SSL certificate for Apache?

  How to convert an IIS SSL certificate for Apache 1. We need to export the certificate as PFX with the private key. Please follow the below steps: Open Microsoft Management Console by putting the following command in RUN. "MMC.EXE" Click on File icon ...

• How to resolve error "The request was aborted: Could not create SSL/TLS secure channel" on Director?

  This article outlines the steps to resolve the "The request was aborted: Could not create SSL/TLS secure channel" error that may appear in your browser when loading eMAM Director. See the image for reference. To fix this, we need to ensure that ...

• How to create a virtual directory inside Apache Tomcat

  To employ Apache Tomcat instead of IIS to play the preview of assets in eMAM, we need to make necessary changes in configurations in two locations as explained below. 1. Adding Virtual directory Open C:\Program Files\Empress Media\eMAM Ingest ...

• How to install App Manager?

  You can also download and install eMAM App Manager directly from the eMAM Director Interface following steps below: Login to eMAM Director interface. Go to the green radial Settings button and then click on My Account. 2. A new window opens up for My ...

• How To Disable TLS 1.0 and 1.1 for Apache

  Please find the below steps to disable TLS 1.0 and 1.1 for the Apache webserver. Note: Please make sure that you have a valid SSL certificate. Please login to the eMAM upload manager installed server (web or app ), and find the server.xml file from ...