Smart Connection can connect to Enterprise Server through SSL by using a WoodWing CA certificate and CA Root certificates of common Certificate Authorities such as those of Symantec.
Configuration
The SSL connection can be set up in various ways:
- By using root certificates from the Keychain
- By using the root certificates from Smart Connection
- By using the root certificates from a defined folder
1. Using root certificates from the Keychain
Notes:
|
In this setup, no configuration is done in Smart Connection. Any root certificates that are available in the Keychain are used for secure communication.
2. Using the root certificates from Smart Connection
Smart Connection includes Root certificates from the Mozilla CA Certificate Program. See the Mozilla documentation for the included certificates and their expiration dates.
To use these, enable the SSL option in Smart Connection.
Step 1. Access the WWSettings.xml file of Smart Connection.

MacOS
- /Library/Application Support/WoodWing
Windows
- c:\ProgramData\WoodWing
Note: This folder is hidden by default. To display this folder, change the folder options. (See the Windows Help file.)
Step 2. Locate the following line and un-comment it:
<SCEnt:SSL enable="true" cacertPath="certificate_path"/>
Step 3. Remove the certificate_path reference.
<SCEnt:SSL enable="true"/>
Step 4. Save the WWSettings.xml file.
Important: Make sure to validate the WWSettings.xml file for correct content. See Validating the WWSettings.xml file.
Step 5. Restart Smart Connection and log in to Enterprise Server.
3. Using the root certificates from a defined folder
Step 1. Access the WWSettings.xml file of Smart Connection.

MacOS
- /Library/Application Support/WoodWing
Windows
- c:\ProgramData\WoodWing
Note: This folder is hidden by default. To display this folder, change the folder options. (See the Windows Help file.)
Step 2. Locate the following line and un-comment it:
<SCEnt:SSL enable="true" cacertPath="certificate_path"/>
Step 3. Replace certificate_path by the path to the certificate.
Example (MacOS):<SCEnt:SSL enable="true" cacertPath="/Library/Application Support/WoodWing/Cert123.pem"/>
Note: Make sure that the correct quotation marks are used, as shown in the example above.
Step 4. Save the WWSettings.xml file.
Important: Make sure to validate the WWSettings.xml file for correct content. See Validating the WWSettings.xml file.
Step 5. Restart Smart Connection and log in to Enterprise Server.
The root certificates from Smart Connection are now stored locally in the following file:
- For MacOS
- Users/<user name>/Documents/SmartConnection.noindex/InCopy/cacert.pem
- Users/<user name>/Documents/SmartConnection.noindex/InDesign/cacert.pem
- For Windows
- C:\Users\<username>\My Documents\SmartConnection.noindex\InCopy\cacert.pem
- C:\Users\<username>\My Documents\SmartConnection.noindex\InDesign\cacert.pem
Using encryption keys
To let a user connect to Enterprise Server by making use of an encryption key, add cryptkey="[key name]
" to the server URL in the WWSettings.xml file:
- Static:
<SCEnt:ServerInfo name="Enterprise" url="http://10.0.0.1/Enterprise/index.php" cryptkey="..."/>
- Dynamic:
<SCEnt:ServerInfo name="SC Enterprise" url="http://10.0.0.1/Enterprise/index.php" cryptkey="..."/>
Changing the SSL version
Smart Connection forces SSL connections to use TLSv1 by default. This behavior can be changed by adding the sslVersion setting to the WWSettings.xml file:
<SCEnt:SSL sslVersion="SSLv3"/>
Available options for the sslVersion parameter:
- TLSv11
- SSLv32
- Auto3
1 This is the default and applies to TLSv1.0 or later.
2 Usage of SSLv3 is discouraged as this is no longer considered secure.
3 The use of 'Auto' is not encouraged because of potential incompatibilities between the versions of OpenSSL used on the client and on the server. These incompatibilities result in connection failures.
Troubleshooting
For troubleshooting SSL, visit the Apache documentation: SSL/TLS Strong Encryption.
Document history
- 27 July 2020: Updated section 2 'Using the root certificates from Smart Connection' with information about the Mozilla CA Certificate Program.
- 27 July 2020: Updated section 1 'Using root certificates from the Keychain' with a note about support for RabbitMQ.
Comments
Do you have corrections or additional information about this article? Leave a comment!
Do you have a question about what is described in this article? Please contact support here.
0 comments
Please sign in to leave a comment.