Configuring Windchill Creo Packages Client on SSL Server
To export or import CAD data through the WPC client on SSL server, you have to perform the following steps.
1. Import Root CA (Optional) to WPC Client system.
* 
Importing Root CA(optional) and the SSL certificate to WPC Client has to be done manually.
The maximum of the Certificate Authorities (CA) that issue SSL web server security certificates are trusted and accepted by web browsers without any problem. In case the CA is not trusted, the browser will display a warning each time the site is visited. WPC uses Creo for export and import of CAD data. Creo has embedded browser that access the Windchill server during upload or download. While execution of WPC commands that involves the CAD upload or download, a popup is displayed by the embedded browser warning about un-trusted CA. You can accept the certificate and proceed. However, this popup will appear for each command execution. To avoid this popup, the un-trusted CA (Root CA) needs to be imported to WPC Client system as follows:
a. Contact Windchill Server Administrator or Web Server Administrator to get the Root CA file and download it on the WPC.
b. Open the downloaded root CA from the temp folder. Click Install Certificate... and follow the steps of the wizard.
* 
Step 1 is not required if the CA is trusted.
2. Import SSL certificate to WPC Client load point (WPC_HOME). As mentioned in point 1, the CA issues the SSL certificates which are kept on the Web server. For Apache, it is kept in the APACHE_HOME\conf folder. Web server sends it to the client for acceptance and to achieve the HTTPS communication. This SSL certificate file needs to be imported to WPC Client as follows:
a. The IE might have already downloaded this SSL certificate. You can export it from IE from Tools > Internet Options > Contents > Certificates > Intermediate Certification Authorities : Look for certificate received from Windchill server. Click Export and save it in WPC_HOME with name cacert.crt
OR
Contact Windchill Server Administrator or Web Server Administrator to get the SSL certificate file and download it at the WPC_HOME with name cacert.crt. The file is typically found in Web server's configuration folder such as APACHE_HOME\conf.
b. Create a keystore by using the keytool java utility as follows: \jre\bin\keytool.exe -import -alias WPCALIAS -file %WPC_HOME%\cacert.crt -keystore %WPC_HOME%\wpc.cert
Was this helpful?