Install SSL Certificates

The OneSpan Authentication Server default installation enables HTTPS connections, so you will need to import the OneSpan Authentication Server root certificate into the JVM keystore to use the SOAP wrapper.

This certificate can be found in the OneSpan Authentication Server installation folder. On Windows, this is typically %PROGRAMFILES%\VASCO\IDENTIKEY Authentication Server\bin\ikey_soap_serverca.pem. On Linux, this is typically /etc/vasco/ias/ikey_soap_serverca.pem.

To install OneSpan Authentication Server certificates

1. Copy the certificate file ikey_soap_serverca.pem to the machine where you installed the SDK.
2. Using a command prompt, go to jre_install_dir/bin, where jre_install_dir is the directory where the Java Runtime Environment (JRE) is installed.

3. From there, run the following command:

   keytool -importcert -v -keystore keystore_file -file ikey_soap_serverca.pem

   where keystore_file is the file name and path to where your JRE installation stores certificate information. This is typically jre_install_dir/lib/security/cacerts.

   If Web Administration Service is installed on the same host where Java is installed, then you can use the Web Administration Service keystore as keystore_file. Doing so will allow the sample website to use the Web Administration Service SOAP certificate.

4. Enter the password for the keystore. The default password is changeit.
5. Enter Yes when asked whether to trust the certificate.

If the SDK is installed on the same machine as OneSpan Authentication Server, you will have to update the controller.properties file. Add the JRE default certificate store path to the jre.trust.store parameter. For more information about the controller.properties file, see Sample website configuration file.