Creating the Certificate Key Store for SSL

If you have a production-ready SSL certificate, it is easiest to store it in a keystore.pfx file that is saved in $WILDFLY_HOME/standalone/configuration/keystore.pfx. If you don't have a production ready server certificate, then you can either create a temporary self-signed one using cert.cmd, to get you started with testing, or buy a production certificate from, for example: https://www.globalsign.com/en/ssl/.
The script cert.cmd will generate a self-signed certificate and deposit it in a key store file called keystore.pfx. This file is saved in $WILDFLY_HOME/standalone/configuration/keystore.pfx.

cd /usr/local/ubisecure/customerid/tools
./cert.sh

If you are using self-signed certificates (like the one provided by default in the installation of Ubisecure SSO) also with Ubisecure SSO you need to import the public key into the Java certificate store (${JRE_HOME}/lib/security/cacerts file).

Setting WildFly UndertowRealm

Locate the script config-wildfly.sh and run it. This will relocate HTTP and HTTPS ports according to configuration that was specified in linux.config and set up the references to the key store containing the server certificate. It will also set host aliases. Make sure that all phases finish with a success status.

cd /usr/local/ubisecure/customerid/tools
./config-wildfly.sh

After these steps you can open a browser to the server's HTTPS port and verify that the connection is over HTTPS and check that the certificate information is what you would expect it to be under the circumstances.

Setting Up customerid.home System Property for WildFly

See instructions from WildFly system property registration on Linux - CustomerID.

Setting Up Audit and Diagnostic Logging

Starting from Ubisecure CustomerID 5.0.x, logging is managed centrally via the WildFly J2EE container. The script setup-logging.sh contacts WildFly management port and then sets up logging configuration to redirect Ubisecure CustomerID specific log entries to separate files. To set up logging, run the following commands in a command prompt:

cd /usr/local/ubisecure/customerid/tools
./setup-logging.sh

Setting Up a Mail Session

The mail session is set up by executing the script create-mail-session.sh.

cd /usr/local/ubisecure/customerid/tools
./create-mail-session.sh

NOTE: You need to have defined email related configuration in linux.config in order for the above script to work. If you are not going to send emails from Ubisecure CustomerID then this step can be skipped.

Browser not supported