How to remove an invalid SSL certificate and replace it with a self-signed

You need a valid certificate in order to use SSL in Xeams. An invalid certificate will cause the HTTPS port to not work in Xeams. Additionally, you will also not be able to use SSL when receiving inbound emails. In such cases, you may want to remove the invalid certificate and replace it with a self-signed.


Disadvantages of using a self-signed certificate

SSL provides two benefits:

  1. It encrypts the data between two parties
  2. Proves the identity of one party to the other. For example, the sender's server definitely knows it is talking to the correct server on the other end.

A self-signed certificate will only provide the first benefit. The server's identity cannot be verified when you use a self-signed certificate.

Steps to remove an existing certificate

  • Stop Xeams
  • Locate $INSTALL_DIR\config\AppConfig.xml file. $INSTALL_DIR refers to the folder where Xeams is installed, which is usually set to C:\Xeams on Windows, and /opt/Xeams/ on Linux.
  • Open AppConfig.xml in any editor and remove lines containing the following parameters:
    • sslCertificateFileName
    • sslCertificatePassword
    • sslCertKeystoreType
  • Save the file
  • Restart Xeams


Additional Configuration

You need to follow these steps ONLY if you had modified server.properties in the past, which is stored in $INSTALL_DIR\config folder. Remove any references to SSL certificate from server.properties if you had modified it in the past. Click here to learn more about server.properties.