Usually SSL certificate comes in “PFX” format from SSL certificate providers (certificate authority). In that case you need to convert it to P12 format before proceeding with XDM configuration.

Let’s suppose you named your converted SSL certificate “WildCard.p12” and the password is “123456“.
Now we need to edit two XDM server files (pki.xml  & server.xml)
Note that the external SSL certificate file in “.p12” format must be stored locally to the Device Manager server: For this example we will use: C:\SSL-Certs\

1. pki.xml : Located at “C:\Program Files (x86)\Citrix\XenMobile Device Manager\tomcat\webapps\zdm\WEB-INF\classes\pki.xml

2. server.xml : Located at “C:\Program Files (x86)\Citrix\XenMobile Device Manager\tomcat\conf\server.xml

1. Open the first file “pki.xml ” and add the following bean ID:
Edit the string keyStorePath to point to the location of the External SSL certificate C:\SSL-Certs\WildCard.p12 and string keyStorePass with the SSL certificate password “123456”.


<bean id=”externalSslCert”
class=”com.sparus.nps.pki.def.KeyStoreParams”
p:keyStoreType=”PKCS12″
p:keyStorePath=”
C:\SSL-Certs\WildCard.p12
p:entryAlias=””
p:keyStorePass=”123456″
p:publiclyTrusted=”true”
/>

In the same file, search for the string: legacySslCert

legacy-old

 

and replace with externalSslCert as below…

legacycert

 

2. Now Open the second file “server.xml ” and search for the following strings:

Connector Port=”443”
 and then add the SSL certificate path and password as defined in the pki.xml file…

keyStorePath=”C:\SSL-Certs\WildCard.p12
keyStorePass=”123456″

Connector Port=”8443” and then add the SSL certificate path and password as defined in the pki.xml 

 keyStorePath=”C:\SSL-Certs\WildCard.p12
keyStorePass=”123456″

Save the edited files and restart the Device Manager Service or reboot the server…