Documentation forWeb Help Desk

Import an existing certificate

By default, Web Help Desk creates a self-signed certificate. Since the certificate is not signed, it displays as not trusted. You can obtain a signed certificate from a Certificate Authority (CA), such as Comodo, GoDaddy, and others. To obtain a certificate, you can create a Certificate Request or use an existing certificate.

To use an existing certificate with Web Help Desk, import your private key and your certificate chain.

Import a self-signed or wildcard certificate

Large organizations can use a signed certificate (such as a wildcard certificate) throughout their domain. This certificate can be stored in a central location (such the Central Certificate Store (CCS) included with Windows Server 2012 and higher) and distributed on demand.

Self-signed certificates do not contain CA certificates. As a result, use your group policy object (GPO) to push the self-signed certificate to a trusted certificate store.

If you cannot import the PFX file using the Web Help Desk Administrator Console, import the file using Portecle, which is included with your Web Help Desk program files. You can download the user documentation from the Portecle website at

When you import a self-signed or wildcard certificate, the key and certificate should be included in one file. For best practice, use a PDX file.

If Web Help Desk is installed on a drive other than the C drive, Portecle will not be able to run. To work around this issue, install a third party application such as Keystore Explorer. The application uses a similar installation process. However, SolarWinds does not support this application.

  1. Log in to the Web Help Desk host server as an administrator.
  2. Navigate to:

    C\Program Files\WebHelpDesk

  3. Double-click Portecle.bat.
  4. Click File > keystore_filecurrent Web Help Desk keystore.
  5. Enter the keystore password.

    The password is stored in the whd.conf file. The default password is changeit.

  6. Right-click tomcat and select Delete.
  7. Click Tools > Import key pair.

    Do not import the certificate using Tools > Import Trusted Certificate, as this option will not include the private key.
  8. Select the new self-signed or wildcard PFX certificate.
  9. Enter the password.

    Use the password you set when you exported the certificate to PDX.

  10. Set the alias to tomcat.
  11. Enter the key pair password.

    The password should be identical to the current keystore password.

  12. Save the keystore.
  13. Restart Web Help Desk.

About PKCS#12 files

The PKCS#12 standard specifies a keystore format used for transferring private keys and certificates. PKCS#12 files typically use the p12 or PFX extension. If you have your private key and certificate bundled in this format, you can import it directly into Porteclé.

If a PKCS#12 (p12 or PFX) file is not available, use the OpenSSL pkcs12 command to generate the file from a private key and a certificate. If your certificate is on a Windows server, export a PKCS#12 file from the Microsoft Management Console.