Skip Navigation
  1. BlackBerry Docs
  2. BlackBerry AtHoc
  3. BlackBerry AtHoc 7.11
  4. Installation and Configuration Guide
  5. Postinstallation or upgrade configuration
  6. Update certificate metadata for AuthServices

Update certificate metadata for AuthServices

The appsettings configuration schema for AuthServices was changed in 7.11 to enable obtaining self-signed certificates from the Windows Certificate Store or invalid certificates from third-party vendors. Due to this change, the certificate metadata in the appsettings.json file must be modified after deployment.
You can still obtain the certificate from the Windows Certificate Store or from a disk. Set the ValidCertsOnly parameter to false to obtain self-signed and invalid certificates.
  1. Obtain a valid certificate.
  2. Import the valid certificate to the WINDOWS local store.
  3. Open the certificate file and capture the Thumbprint and Passcode.
  4. Open the 
    appsettings.json
     file found at 
    AtHocENS\wwwroot\AuthServices\Auth\appsettings.json
    .
    It is possible to add multiple certificate files, but you should add only one certificate file.
  5. Update the 
    appsettings.json
     file with one of the following:
    • To configure the certificate from a file system, use the following text: 
                    {"Logging": {
                "IncludeScopes": false,
                "LogLevel": {
                  "Default": "Error", // Trace, Debug, Information, Warning, Error, Critical,
             None
                  "System": "Information",
                  "Microsoft": "Information"
                }
              },
              "Certificates": [
                {
                  "CertificateLocation": "FileSystem", // Location: FileSystem,
             CertificateStore
                   "RelativeFilePath": ".\\wwwroot\\Certificates\\TokenSigningCertificate.pfx",
                   "Passcode": "
      <passcode>
      "
                 },
                ],
                "AllowedHosts": "*"}
    • To configure the certificate from the Windows Certificate Store, use the following text: 
                    {"Logging": {
                "IncludeScopes": false,
                "LogLevel": {
                  "Default": "Error", // Trace, Debug, Information, Warning, Error, Critical,
             None
                  "System": "Information",
                  "Microsoft": "Information"
                }
              },
              "Certificates": [
                {
                   "CertificateLocation": "CertificateStore",
                   "StoreName": "Root", // My (Personal), Root (Trusted Root), AddressBook,
              AuthRoot, CertificateAuthority, TrustedPeople, TrustedPublisher, Disallowed
                    "StoreLocation": "LocalMachine", // CurrentUser, LocalMachine
                    "Thumbprint": "
      <thumbprint>
      ",
                    "Passcode": "
      <passcode>
      ",
                    "ValidCertsOnly": true // for getting debug or development certificates
                  }
                ],
                "AllowedHosts": "*"}
  6. Update the values for Thumbprint and Passcode with the values you captured in Step 3.
  7. Save and close the 
    appsettings.json
     file.