Converting the PFX Certificate to PEM Certificates for the Spok Notification Framework
This procedure must be completed following the installation of Spok Mobile at customer sites where the Spok Notification Framework will be used to support non-GCM Android devices. This procedure is completed by a Spok PSG professional to convert PFX format certificates to the three PEM format certificates needed to make the framework secure via TLS.
Complete this procedure to convert the PFX certificate to three PEM certificates that must be in place to be used by the Spok Notification Framework.
Before you begin, ensure that the certificate has been exported to PFX format and that the you have the required password. The customer typically creates the PFX and will therefore need to supply the password that they created when they created the file.
The certificate that was exported to PFX from the Windows certificate stores must be converted into three PEM certificates. To do this, perform the following steps.
- On the Spok Mobile server, open the Run program by pressing
Windows key + R.
EnterCMD
in the Open field. Press Enter. - In the command prompt window, navigate to to the directory by executing:
cd C:/ProgramData/Spok/RabbitMQ/SSL
- Execute
ConvertCertificate.bat password
. This will separate the PFX certificate into three PEM certificates:root.pem, server.pem
andkey.pem
.- In the command prompt window, enter the password that was set when the certificate was exported to PFX. Press Enter.
- Take note of any “Invalid Password” messages you see at this time. You must rerun the ConvertCertificate.bat script if any invalid password messages appear.
- Once the conversion has completed successfully, confirm that the three certificate files
root.pem
,server.pem
and
key.pem
were created in the%AppData%\RabbitMQ\
Certs
directory.- Each PEM file must be at least 1KB or larger in size; this means the conversion was successful. If either file is 0KB, then the file is empty ("zeroed") and you must run the script again.
WARNING: Do not change the names of the converted PEM files. They must be named root.pem, server.pem and key.pem.
- In the command prompt, navigate to the directory
cd C:/Program Files/RabbitMQ Server/rabbitmq_server-version/sbin
and execute the following commands to re-install the RabbitMQ service:rabbitmq-service remove
rabbitmq-service install
rabbitmq-service start
rabbitmqctl start_app" - The certificates on the Care Connect Suite server are now in place, and the RabbitMQ service needed for the Spok Notification Framework now uses it.