Skip to main content

ShareScan 5.1: How to create a self-signed certificate for webclient devices


When using an secure connection with webclient devices, the Apache Tomcat certificate may need to be adjusted per the below steps to prevent conflicts. The below steps are relevant for ShareScan version 5.1. For ShareScan version 5.0 please refer to the steps in .

In this document, references to [Tomcat_Dir] correspond to the following locations:

  • 64 bit Operating System: C:\Program Files (x86)\Nuance\Tomcat 7.0\ 
  • 32 bit Operating System: C:\Program Files\Nuance\Tomcat 7.0\ 
  1. Back up the existing key files by making a copy in another directory then remove the below files:
    • [Tomcat_Dir]\conf\ecopy.key
    • [Tomcat_Dir]\webapps\ROOT\ecopy.pem
    • [Tomcat_Dir]\webapps\ROOT\ecopy.cer
  2. Go to Start > Run> All Programs>Accessories> Right Click on Command Prompt and select "Run as Administrator"
  3. Change directory to [Tomcat_Dir]\conf by typing CD then typing in the full path for this location then hitting the Enter key
  4. type "createEcopyKey.bat "then hit the Enter key. This will run the batch file and should generate the key files.
    • : In some cases, full qualified domain name is required. Please consult vendor specific documentation for recommendations
    • : This is the directory where the Java Keytool is installed to.
      • Java Version 6 Keytool :
        • 32 bit Operating System: "C:\Program Files\Java\jre6\bin\keytool.exe"
        • 64 bit Operating System: "C:\Program Files (x86)\Java\jre6\bin\keytool.exe"
      • Java Version 7 Keytool:
        • Due to changes in Java 7 keytool encryption, the Java version 6 keytool is recommended when creating certificates. Additional steps are required to use the Java 7 keytool and are documented in 
        • 32 bit Operating System: "C:\Program Files\Java\jre7\bin\keytool.exe"
        • 64 bit Operating System: "C:\Program Files (x86)\Java\jre7\bin\keytool.exe"
    • : Set the quantity of days that the certificate should be valid for. Certain devices may have maximum ckertificate validity legnth requirements. Please consult device specific documentations. Common values are 365 (1 year) 1825 (5 years) 3650 (10 years)
    • Example of the command string: createEcopyKey.bat "C:\Program Files (x86)\Java\jre6\bin\keytool.exe" 3650
  5. Restart the ShareScan Server or PC 
  6. The certificate files should now be available for installation on the MFP

The below are common issue(s) with SSL certificates specific to Konica Minolta Devices