After upgrading to NFA 9.3.8 the SSO Service may not start if you previously had https configured, as some of the configuration files have changed to add enhanced security.
Changes to some of the Jetty/SSO configuration files to allow for security updates.
If you were on 9.3.6 previously with https successfully configured, after upgrading to 9.3.8 you will only need to follow steps 6-9 of the NFA 9.3.8 Configuration Guide.
If you were on 9.3.3 or earlier you will also have to create a certs directory in \<Install Dir>\NFA\certs and copy your certificate files into this directory.
For your convenience we have attached the files in a .zip that will need to be updated in the correct format for proper https configuration.
To apply these files follow the steps below:
1. Download the attached NFA_9.3.8_HTTPS_Config.zip file to your NFA console server and unzip the file.
2. Copy the start.ini to \<Install Directory>
3. Copy the other 3 files to \<Install Directory>
4. Edit the jetty-ssl-context.xml in wordpad or notepad++ (it is easier to view then in notepad).
Modify the lines below to reflect the location of your \<Install Directory>\NFA\certs directory and certificate files names where it says C:\CA\NFA\certs\CertificateName.pfx.
Also modify the password for your certificates where it states "YourPassword"
<Set name="KeyStoreProvider"><Property name="jetty.sslContext.keyStoreProvider"/></Set>
5. Save the file and restart your CA Performance Center SSO server and attempt to access NFA again using https.