Set up the certificates

Use Certificates to manage SSL and Apple Push Notification Services (APNS) certificates.

When a web browser submits an HTTPS request to Web Help Desk, the SSL protocol requires the application to respond with a certificate to verify the authenticity of the server. The certificate contains a public key used for encryption and a digital signature from a Certification Authority (CA). The digital signature indicates which CA verified the authenticity of the server.

Web Help Desk stores the certificates in the Java keystore located at:


You can also store the certificates in a separate Public-Key Cryptography Standards #12 (PKCS12) KeyStore, or Java KeyStore (JKS) that you create in Server Options.

APNS certificates enable Web Help Desk to send notifications to an Apple device running Web Help Desk Mobile and a supported Apple iOS. When enabled, the device receives Short Message Service (SMS) text messages each time a customer ticket is created or updated. Each Apple device requires a supported Apple iOS and the Web Help Desk Mobile application, which you can download from the Apple App Store.

SSL certificates

SSL certificates create a secure connection between Web Help Desk and an external resource. Web Help Desk supports the following SSL certificates:

  • Self-signed SSL certificate
  • Certificate from a Certificate Authority (CA)
  • Public-Key Cryptography Standards (PKCS) #12 certificate

The Certificates page displays all certificates that are currently in the keystore and defined in the .conf file. In this example, the Apache Tomcat SSL certificate is installed in the keystore.

The following table lists some third-party applications used with Web Help Desk that require an SSL certificate.

Product SSL certificate function
Apache Tomcat Creates a secure connection to the Apache Tomcat web and application server.
Microsoft Exchange Server Creates a secure connection to the Exchange server used to retrieve incoming Web Help Desk ticket emails sent from clients.
PostgreSQL  Creates a secure connection to an external PostgreSQL database.

HSTS support

Beginning in Web Help Desk 12.7.4, the application supports HTTP Strict Transport Security (HSTS). This web policy forces a secure HTTPS connection with Transport Layer Security (TLS) between a supported web browser and the Web Help Desk server. The web policy is enabled automatically after you import an SSL certificate from a trusted Certificate Authority (CA).

HSTS is an Internet Engineering Task Force (IETF) standards track protocol and is specified in RFC 6797.

Import an SSL certificate in CER format

Download the SSL certificate file in CER format from the certificate provider. After you unzip the file, upload the P12 or PFX certificate into Web Help Desk.

  1. Download the SSL certificate from the third-party software website.
  2. Unzip the file.
  3. Log in to Web Help Desk as an administrator.
  4. Click Setup > General > Certificates.
  5. Under Certificates in the Keystore, click Upload, and then click Browse.

    For an APNS Certificate, click Browse under Upload a new APNS Certificate file.

  6. Navigate to the unzipped file directory.
  7. Complete the on-screen prompts to install the SSL certificate.
  8. Click Restart to restart the Web Help Desk server.

    The SSL certificate is installed on the Web Help Desk server.

Import an SSL certificate in PFX format

This procedure describes how to import an SSL certificate in PFX format into Web Help Desk using the Porteclé application included with Web Help Desk. Porteclé is a third-party open-source utility that provides a graphical user interface for administering the keystore on the Windows or macOS platforms.

  1. Stop the Web Help Desk services.
  2. Navigate to:

    C:\Program Files\WebHelpDesk

  3. Right-click Portecle.bat and select Run as administrator.
  4. In Porteclé, click File > Open and then locate and open the keystore.jks file.

  5. Delete the existing keypair by deleting the tomcat entry.

    1. Right-click the tomcat entry and select Delete.
    2. Click Tools > Import Keypair and select your PFX/p.12 file.
  6. Enter the PFX password.
  7. Chang the alias name to:


  8. Click File > Save Keystore to save the keystore file, overwriting the existing file.
  9. Navigate to:

    C:\Program Files\WebHelpDesk\conf

  10. Open the whd.conf file in a text editor (such as Notepad).
  11. In the file, locate:

    # Keystore settings (for SSL connections)

  12. In this section, locate:


  13. Replace changeit with the same password you set for the keystore in a previous step.
  14. Save and close the whd.conf file.
  15. Restart the Web Help Desk services.

Delete a certificate

  1. Select a certificate in the keystore.
  2. Click Delete.
  3. Follow prompts on your screen to delete the certificate.

Edit an alias

Some resources require the keypair to have a specific alias. For example, the Apache Tomcat web server requires its keypair to have a tomcat alias to enable HTTPS. To change the certificate alias, upload the certificate into the keystore. When you are finished, select the certificate and edit the alias.

If the alias name is empty or incorrect, the resource will not use the correct certificate and create its own certificate.

  1. Locate the alias name required for the certificate.
  2. Select a certificate in the keystore.
  3. Click Edit Alias.
  4. Enter a new name for the certificate, and click Save.

    The new certificate name displays in the keystore list.

Apple Push Notification Services certificates

APNS requires an APNS Certificate that establishes the communications link between APNS and the Apple device. This certificate is included with Web Help Desk.

The APNS panel displays the current APNS Certificate expiration date and allows you to upload a new APNS Certificate file when the existing file expires.

To enable APNS on an Apple device:

  1. Set up and register the device with the Web Help Desk server.
  2. Enable SMS on the Apple device.
  3. Send a test notification message to the Apple device to verify that APNS is enabled.
  4. When the certificate expires, upload and install a new APNS certificate.

Set up and register a device

Install the Web Help Desk Mobile software and register the Apple device with the Web Help Desk server.

  1. Locate the following Web Help Desk server information:

    • Host name or IP address
    • Port number (secure TCP 8443 or non-secure TCP 8081)
  2. Download Web Help Desk Mobile from the Apple iTunes site.
  3. Install the software on the Apple device.
  4. Complete the online registration form.
  5. Log in to Web Help Desk.
  6. Click Setup > Techs > Techs.
  7. Click your name in the Tech Name column.

  8. In the Account Info tab, scroll down to Mobile Devices Setup and verify that your Apple device displays as a registered device.

Enable the Short Message Service (SMS)

Enable Web Help Desk to send SMS text messages to the Apple device.

  1. In the Account Info tab, click to enter Edit mode.
  2. Scroll down to E-Mail Setup and select the SMS E-Mail Enabled checkbox.

    Additional options display under the setting.

  3. Enter the email address associated with the Apple device.

    For example, if the device uses Verizon email, enter

    Contact your mobile carrier for the proper email format.

  4. Select the minimum ticket priority that triggers an SMS e-mail to the Apple device.
  5. Select the minimum ticket alert level that triggers an SMS e-mail to the Apple device.
  6. (Optional) Select the Repeating check box to continue sending SMS e-mails until the ticket condition is updated.
  7. Click Save.

Send a test notification message

Verify that the Apple device receives APNS notifications from the Web Help Desk server.

  1. Click Setup > General > Certificates in the Web Help Desk Console.
  2. Under Apple Push Notification Services, click Send Test Notification.
  3. Verify that you received a notification on your Apple device.

    APNS is configured for the Apple device.

Upload and install a new APNS certificate

When the APNS certificate expires, download a new APNS Certificate from the SolarWinds Customer Portal and install the certificate using the Web Help Desk Console.

  1. Download an updated APNS certificate.
    1. Log in to the SolarWinds Customer Portal.
    2. Click the License Management drop-down menu and select My Downloads.
    3. Click the Products drop-down menu and select Web Help Desk.
    4. Under Additional Downloads, locate the Apple Push Notification (APN) Certificate.
    5. Click Download.

      The file is downloaded to the server.

  2. Unzip the file contents to a network share.
  3. Click Setup > General > Certificates in the Web Help Desk Console.
  4. Under Upload a new APNS Certificate file, click Browse.
  5. Navigate to the unzipped file.
  6. Complete the on-screen prompts to complete the upload.

    If FIPS is enabled in your deployment, upload the certificate to the following directory:


  7. Click Restart to restart the Web Help Desk server.

    The new APNS certificate is installed and the new APNS certificate expiration date displays in the Certificates page.