Import an existing certificate

By default, Web Help Desk creates a self-signed certificate. Since the certificate is not signed, it displays as not trusted. You can obtain a signed certificate from a Certificate Authority (CA), such as Comodo, GoDaddy, and others. To obtain a certificate, you can create a Certificate Request or use an existing certificate.

To use an existing certificate with Web Help Desk, import your private key and your certificate chain.

Import a wildcard certificate

Large organizations may use a signed certificate (such as a wildcard certificate) throughout their domain. This certificate may be stored in a central location (such the Central Certificate Store (CCS) included with Windows Server 2012 and higher) and distributed on demand.

You can import a self-signed wildcard certificate in personal information exchange format (PFX) to your Web Help Desk keystore. The import should include they and certificate in a single file.

If you cannot import the PFX file using the Web Help Desk Administrator Console, import the file using Portecle, which is included with your Web Help Desk program files. You can download the user documentation from the Portecle website at

If Web Help Desk is installed on another drive other than drive C, Portecle will not be able to run. To work around this scenario, install a third party application such as Keystore Explorer. The application uses a similar installation process. However, SolarWinds does not provide support this application.
  1. Log in to the Web Help Desk host server as an administrator.
  2. Navigate to:

    C\Program Files\WebHelpDesk

  3. Double-click Portecle.bat.
  4. Enter your keystore password. This password is located in the whd.conf file.

    The default password is changeit.
  5. Right-click tomcat and select Delete.
  6. Click Tools > Import key pair.

    Do not import the certificate using Tools > Import Trusted Certificate, as this option will not include the private key.
  7. Select the new self-signed or wildcard PFX certificate.
  8. Enter the password.

    This password should be identical to the current keystore password.

  9. Save the keystore.
  10. Restart Web Help Desk.

Import a self-signed certificate

Self-signed certificates do not contain CA certificates. As a result, use your group policy object (GPO) to push the PDX file to a trusted certificate store.

About PKCS#12 files

The PKCS#12 standard specifies a keystore format used for transferring private keys and certificates. PKCS#12 files typically use the p12 or PFX extension. If you have your private key and certificate bundled in this format, you can import it directly into Porteclé.

If a PKCS#12 (p12 or PFX) file is not available, use the OpenSSL pkcs12 command to generate the file from a private key and a certificate. If your certificate is on a Windows server, export a PKCS#12 file from the Microsoft Management Console.