This page is a suggestion on how to generate a certificate for the running RTC Launcher web services. Your IT policies might differ from the procedures below.

Generate Certificate Hash

For encryption via a secure channel (HTTPS) a certificate must be generated.

One of the ways to find the certificate hash is to get it using IIS:

  1. Open IIS and click on the Server Name.
  2. Open Server Certificates.
  3. Double-click the RTC Launcher certificates in the certificate list. 
  4. Open "Details" tab in the displayed "Certificate" pop-up.
  5. Find "Thumbprint" value, copy it, and (warning) remove all spaces.
  6. Ensure that the thumbprint does not have any additional symbols
  7. Use this value in the "Certificate Hash" field in the RTC setup.

Exchanging a certificate for the RTCLauncher Service due to expiration

There are two ways to exchange an expired certificate:


Variant A

  1. Generate a new certificate hash value as described above.
  2. Re-run the installer with the new "Certificate Hash" new value

Variant B

  1. Use the following commands below to get the same result;

    netsh http show sslcert
    POWERSHELL
  2. Figure out which port belongs to the current RTCLauncher-Service installation. (tick) Remember the port for later.

  3. Stop the RTC-Service (Services.msc)
  4. Remove the old entry with the following command.

    netsh delete sslcert ipport=[PORT_NUMBER]
    POWERSHELL
  5. Get the new thumbprint. (warning) Make sure there are no hidden special characters.

  6. Run the following command to add the new thumbprint

    netsh http add sslcert ` 
    ipport=0.0.0.0:[PORT_NUMBER] `
    certhash=[CERTIFICATEHASH] `
    appid={94EB7B1C-97E0-478A-AE65-2D713818ED3F}
    POWERSHELL
  7. Restart the RTC-Service (Services.msc)

  8. Visit the API-URL with the following appendix /api/healthcheck in the browser and verify that the new certificate is in use.
  9. Update the following registry entry as well, to make sure that the old thumbprint doesn't get used anymore
    HKEY_LOCAL_MACHINE\SOFTWARE\Luware AG\RTCLauncher-Service the CERTIFICATEHASH entry

When copying the Powershell code examples in this manual:

  • Make sure to keep braces { } and their values as they are.
  • Replace the brackets [ ] with your values.

Exchanging a certificate for RTCLauncher Admin and or Client due to expiration

  1. Generate a new certificate hash value as described above.
  2. Open IIS and select either RTCL-Client or RTCL-Admin
  3. Select Bindings under the Actions Tab
  4. And edit the https binding
  5. Add the new certificate