How to convert an IIS SSL certificate for Apache

• Open Microsoft Management Console by putting the following command in RUN. "MMC.EXE" 
• Click on File icon then Add/Remove snap-in.
  
  

• Select Computer account -> Local computer and hit on Finish button. Then click on OK button.
• Now, expand the certificates navigate to "Personal" or "Web Hosting" based on the location you chose while installing the SSL certificate. You will finally end up getting the SSL certificate installed in IIS.
  
  

Note: If the export with private key option is grayed out and if you are using Let'sEncrypt certificate, please follow these steps to get the PFX file - https://rdr-it.com/en/lets-encrypt-generate-a-pfx-with-iis/ 

Also, if you are using Let's Encrypt certificate the Java JDK version installed in the upload manager server should be minimum 1.8.0.101 and should be in the 1.8 series. Java JDK 1.9 or higher series won't work with eMAM upload manager. If you are installing the new JDK, make sure you are uninstalling the old JDK and reinstall the eMAM upload manager. After that associate the right user with the service.

• Click Next and save the certificate in a location. The exported file will be in a .pfx (Personal Information Exchange) format. Click on the Finish button to complete the export process.

• Open Command Prompt and CD to the following location "C:\Program Files\Java\jdk\bin".
• If the path does not exist, go manually to the bin folder inside JAVA\JDK. Make sure "keytool.exe" exists inside the bin folder. Now, execute the following command.

keytool -importkeystore -srckeystore C:\Users\Administrator\Desktop\test\ourdomain.pfx -srcstoretype pkcs12 -destkeystore C:\Users\Administrator\Desktop\test\eMAMUploadManager.jks -deststoretype JKS

eMAM 3.8 - C:\Program Files\Empress Media\eMAM Gateway\eMAMUploadManager

eMAM 5.1 and above - C:\Program Files\Empress Media\eMAM Ingest Manager\eMAMUploadManager

<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"

Uncomment this tag and replace it with following tag:

<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol" maxThreads="150" SSLEnabled="true" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" keystoreFile="${user.dir}/eMAMUploadManager.jks" keystorePass="Enter KeyStore password here" />

Please use the screenshot below for reference.

Note: The key Store file path may need to be changed for eMAM 5.0 in the server.xml file.

• Save the server.xml file after making the changes.
• The default port of Apache over SSL is 8443. Make sure the port is open to the server and put the uploader URL with https in the browser to make sure the uploader is working fine.

https://yourdomainname:8443/eMAMUploadManager/EMAMUploader 

Replace the dummy domain name in the above URL with actual domain name. Once you get "eMAM Upload Manager is running successfully" response message in the browser, please change the eMAM Uploader key under App settings in the web.config XML configuration file of eMAM Director with the above URL.

• Open Services by putting the following command in RUN "services.msc".
• In the Services window scroll down and find eMAMUploadManager. 
• Right-click on the service and choose restart.

If you face any issues, please contact eMAM Support at support@emamonline.com for further assistance.