ManageEngine ADSelfService Plus – How to apply a wildcard cert ?

ADSelfService Plus by ManageEngine is a great tool. The instructions provided to configure SSL did not work for me, but I was able to figure it out doing the following:

You need a PFX File: Wild Card Cert for *.yourdomain.com (Yourdomain-WildCard.pfx) – This can be generated/ exported by IIS if you have a wildcard cert.

STEPS to apply and use Wildcard cert:

1. Enable SSL in ADSelfService Plus.

• Click “Admin” tab –> Product Settings –> Connection.
• Enable “Enable SSL Port [https]” check-box -> click “Save” button.

2. Stop ADSelfService Plus. (Start –> All Programs –> ADSelfService Plus –> Stop ADSelfService Plus) .
3. Save the “.pfx” file under “C:\ManageEngine\ADSelfService Plus\conf”, take a backup copy of server.xml file and then edit the “server.xml” file.
4. Go to the bottom of server.xml file and edit connector tag and add the keystoreFile, keystorePass, keystoreType  and save the file.

<Connector SSLEnabled="true" acceptCount="100" clientAuth="false" connectionTimeout="20000" debug="0" disableUploadTimeout="true" enableLookups="false" 
keystoreFile="./conf/YourDomain-WildCard.pfx" keystorePass="Private Key Password" keystoreType="PKCS12" maxSpareThreads="75" maxThreads="150" 
minSpareThreads="25" name="SSL" port="443" scheme="https" secure="true" sslProtocol="TLS"/>

5. Start ADSelfService Plus or restart the server.

Hope this helps!