Importing SSL Certificates in Linux
Last modified on 12 August 2020 11:30 PM
This article lists the commands used to import your existing SSL certificates into PaperCut when running on Linux. This will allow the certificates to be used for accessing the web interfaces via HTTPS.
Many thanks to Matt Peacock of Belper School for contributing the steps for this Knowledge Base article!
Please note before following these instructions that all references to files with a specific version number will change with every PaperCut NG/MF update. If you specify the wrong file name you will get an error. Before starting we recommend that you navigate your lib folder by entering
1. If you have separate PEM encoded key and certificate files, you will first need to convert them to a PKCS12 bundle as follows:
Where keyfile.key is the location of your key file, cert.crt is the location of your certificate file and /tmp/pccert.pfx is the output PKCS12 bundle file.
2. Import the PKCS12 bundle into PaperCut as follows:
3. To set up PaperCut to use the new certificate:
Uncomment the following lines, appending the output keystore password that you entered before.
ii) Restart the PaperCut Application Server. You should now be able to connect to your PaperCut server using HTTPS.
iii) Once you have verified that HTTPS connections are working, DELETE the PKCS12 certificate file
iv) Under Options→General→Client Software you can tell the client software to access the server via SSL/HTTPS by default, to increase security.
v) Depending on how your certificate has been issued, when you attempt to access the PaperCut web interface through the link on the user client tool, you may receive errors stating that ‘The name on the security certificate is invalid or does not match the name of the site’. To get rid of these errors you need to update the ‘server-name’ value in