Papercut has a pretty good tutorial for updating/installing an SSL Certificate on papercut but I found it a little hard to follow, if you want to see the origionanl post go to https://www.papercut.com/kb/Main/SSLWithKeystoreExplorer. As in their post I also recommend using KeyStore Explorer for installing the SSL Certificate as it makes it much easier.
I am using an existing wildcard cert for securing this server. I have also setup the server to use port 80 and 443. I am working directly on the papercut server to create the cert, you can create the cert on another machine then copy the cert over and begin the import process using KeyStore Explorer, or even copy the file you create using keystore explorer to the papercut server.
To start if you haven't install the openssl tools, and create a compatible certificate if you haven't https://wiki.openssl.org/index.php/Binaries
Create you certificate (I'm working out of the OpenSSL Directory - "C:\Program Files\OpenSSL-Win64\bin") and my source is a wildcard cert for an apache webserver.
openssl pkcs12 - export -out $PATH\To\Save\$mycertname.pfx -inkey "$Path\to\privatekey\$cert.key" -in "$Path\to\crt\" enter export password and verify
I saved this to the OPENSSL directory.
To install the certificate into papercut open KeyStore Explorer
1. Click Create a new Key Store
2. Select JKS, then click OK
3. Click the Import Key Pair icon
4. Select the type of certificate you are using, then click OK, I'm using PKCS Certificate which we created earlier
5. Click Details to verify the certificate. If you get an error, it could be the password or the wrong certificate type
 |
 |
6. In the Enter Alias field, enter an alias for the newly imported Certificate, this can be anything, but in this case we are putting print.papercut.com, then click OK
7. Save your KeyStore
8. Set the password for your KeyStore then click OK, Remember to make a note of this, as you will need to re-enter this later when you set the value for the “server.ssl.keystore-password” value in the server.properties file.
9. I saved it in 2 places, my documents folder and to the papercut custom directory located in the PaperCutMF Server Folder ie (C:\Program Files\PaperCutMF\server\custom) which we will use later.
10. Edit the papercut server.properties file typically located in the server folder and change the values below to match your filename and passwords and remember to remove the # signs to enable these keys
server.ssl.keystore=custom/$papercut-keystore (in my case it is called papercut)
server.ssl.keystore-password=$PASSWORD
server.ssl.key-password=$PASSWORD
11. Restart the PaperCut Application Server service and check https://your.fully.qualified.domain.name:$port/admin, in my case it is https://print.papercut.com/admin
