5️⃣ Transport Security or SSL for TMVGate

Transport security or SSL for TMVGate is specified by the Endpoints settings in the TMVGate.json configuration file located in the application folder. By default, transport security is not activated for TMVGate.

To enable the Transport Security or SSL, perform the following steps:

1. Obtain an SSL certificate from an SSL Certificate Vendor and install it in the TMVGate Server “Local Computer Personal” certificate store.

References:

• Compare and Choose the Right SSL Certificate Provider: https://www.sslshopper.com/
• How to install imported certificates on a Windows-based Web server: https://learn.microsoft.com/en-us/troubleshoot/windows-server/certificates-and-public-key-infrastructure-pki/install-imported-certificates

2. Set the Endpoints PORT to the desired port address:

e.g. TCP Port address 50235:

3. Set the Endpoints SSLEnabled flag to “True”.

4. Update Endpoints SearchBy to determine binding of Endpoints Port to the SSL Certificate using either “Subject” or “Thumbnail”.

e.g. Binding by Subject

5. Set Endpoints Subject based on Certificate’s Subject Common Name if binding to port is by Subject.

e.g. binding to Subject Common Name - “hostname.domain.com”

6. Set Endpoints Thumbnail based on Certificate’s Thumbnail if binding to port is by Thumbnail.

e.g. binding by Subject name “hostname.domain.com”

7. Restart TMVGate Windows Service for the new configuration setting to take effect.

Getting the Certificate's Thumbprint with MMC

1. Open the Command Prompt window.
2. Type mmc and press the “ENTER” key. On the File menu, click “Add/Remove Snap In”.
3. Click “Add”.
4. In the Add or Remove Snap-in dialog box, select “Certificates”.
5. Click “Add”.
6. In the Certificates snap-in dialog box, select “Computer account” and click “Next”.
7. In the Select Computer dialog box, click “Finish”.
8. On the Add/Remove Snap-in dialog box, click “OK”.
9. In the Console Root window, click “Certificates” (Local Computer) to view the certificate
10. stores for the computer.
11. Click on the folder where the SSL certificate was installed.
12. Click the Certificates folder to expand it.
13. Double-click on the SSL certificate.
14. In the Certificate dialog box, click on the “Details” tab.
15. Scroll through the list of fields and click “Thumbprint”.
16. Copy the thumbprint of the certificate into a text editor, such as Notepad.
17. Remove all spaces between the hexadecimal characters.

References:

• How to: View Certificates with the MMC Snap-in: https://msdn.microsoft.com/en-us/library/ms788967(v=vs.110).aspx
• How to: Retrieve the Thumbprint of a Certificate: https://msdn.microsoft.com/en-us/library/ms734695(v=vs.110).aspx

For support, reach out via info@itlink.com.sg or visit ITLink Support.