Using SSL to secure the connection between Studio Server and Studio for InDesign and InCopy – Help Center

Studio for InDesign and InCopy can connect to Studio Server through SSL by using a WoodWing CA certificate and CA Root certificates of common Certificate Authorities such as those of Symantec.

This article explains how to set this up.

Configuration

The SSL connection can be set up in various ways:

By using root certificates from the Keychain
By using the root certificates from Studio for InDesign and InCopy
By using the root certificates from a defined folder

1. Using root certificates from the Keychain

Notes:

This option is only available for MacOS, not for Windows.

The root certificates from the Keychain cannot be used when RabbitMQ has to be accessed over a secure connection.

In this setup, no configuration is done in Studio for InDesign and InCopy. Any root certificates that are available in the Keychain are used for secure communication.

2. Using the root certificates from Studio for InDesign and InCopy

Studio for InDesign and InCopy includes Root certificates from the Mozilla CA Certificate Program. See the Mozilla documentation for the included certificates and their expiration dates.

To use these, enable the SSL option in Studio for InDesign and InCopy.

Step 1. Access the WWSettings.xml file of Studio for InDesign and InCopy.

Step 2. Locate the following line and un-comment it:

<SCEnt:SSL enable="true" cacertPath="certificate_path"/>

Step 3. Remove the certificate_path reference.

<SCEnt:SSL enable="true"/>

Step 4. Save the WWSettings.xml file.

Important: Make sure to validate the WWSettings.xml file for correct content. See Validating the WWSettings.xml file.

Step 5. Restart Studio for InDesign and InCopy and log in to Studio Server.

3. Using the root certificates from a defined folder

Info: This feature is not supported by the preview feature of Studio Server 10.11.x (using the InDesign Server integration).

Step 1. Access the WWSettings.xml file of Studio for InDesign and InCopy.

Step 2. Locate the following line and un-comment it:

<SCEnt:SSL enable="true" cacertPath="certificate_path"/>

Step 3. Replace certificate_path by the path to the certificate.

Example (MacOS):<SCEnt:SSL enable="true" cacertPath="/Library/Application Support/WoodWing/Cert123.pem"/>

Note: Make sure that the correct quotation marks are used, as shown in the example above.

Step 4. Save the WWSettings.xml file.

Important: Make sure to validate the WWSettings.xml file for correct content. See Validating the WWSettings.xml file.

Step 5. Restart Studio for InDesign and InCopy and log in to Studio Server.

The default location in which the root certificates are now stored depends on the version of Studio for InDesign and InCopy that is used, as outlined below.

Note: This location can be customized by using the UseCustomBaseFolder setting.

Version 20 for Adobe 2025 and higher

For Studio for InDesign and InCopy 20.0.0 for Adobe 2025 or any higher version of Studio for InDesign and InCopy, the default location is as follows:

macOS

Users/<user name>/Library/Application Support/WoodWingStudio.noindex/InCopy/cacert.pem
Users/<user name>/Library/Application Support/WoodWingStudio.noindex/InDesign/cacert.pem

Windows

C:\Users\<username>\appdata\local\WoodWingStudio.noindex\InCopy/cacert.pem
C:\Users\<username>\appdata\local\WoodWingStudio.noindex\InDesign/cacert.pem

Version 19 for Adobe 2024 and lower

For Studio for InDesign and InCopy 19.0.0 for Adobe 2024 or any lower version of Studio for InDesign and InCopy, the default location is as follows:

macOS

Users/<user name>/Documents/WoodWingStudio.noindex/InCopy/cacert.pem
Users/<user name>/Documents/WoodWingStudio.noindex/InDesign/cacert.pem

Windows

C:\Users\<username>\My Documents\WoodWingStudio.noindex\InCopy/cacert.pem
C:\Users\<username>\My Documents\WoodWingStudio.noindex\InDesign/cacert.pem

Using encryption keys

Info: This feature is not supported by the preview feature of Studio Server 10.11.x (using the InDesign Server integration).

To let a user connect to Studio Server by making use of an encryption key, add cryptkey="[key name]" to the server URL in the WWSettings.xml file:

Static:

<SCEnt:ServerInfo name="Studio Server" url="http://10.0.0.1/Enterprise/index.php" cryptkey="..."/>

Dynamic:

<SCEnt:ServerInfo name="Studio Server" url="http://10.0.0.1/Enterprise/index.php" cryptkey="..."/>

Changing the SSL version

Studio for InDesign and InCopy forces SSL connections to use TLSv1 or later by default. The underlying libcurl library negotiates with the server environment about which TLS version to use. The TLS version can be either TLS v1.0, v1.1, v1.2 or v1.3, depending on the server environment.

In case a connection should be established with the deprecated and insecure SSL v3, the following additional configuration should be added to the WWSettings.xml file:

Important: This disables the connection over the more secure TLS versions, and is therefore not encouraged.

<SCEnt:SSL sslVersion="SSLv3"/>

Troubleshooting

For troubleshooting SSL, visit the Apache documentation: SSL/TLS Strong Encryption.