1. Before we start
XMPro Platform consists of three main components:
- App Designer
- Data Stream Designer
- Subscription Manager
XMPro supports a wide range of deployment options e.g. Cloud, Docker, On-Premise, etc. However, before a deployment can be attempted some preparation steps are required which will be outlined below.
The Subscription Manager is responsible to manage Identity & Access for the whole XMPro Platform. In order to do this, it regularly issues authentication tokens to the users as they log into the system. These tokens must be signed by the server to ensure their validity, hence a signing certificate is required.
A PKCS 12 archived certificate .pfx file is required. The minimum length of the accepted private key is 2048. In order to generate a Signing certificate follow the instructions below:
- Open a command prompt as administrator and navigate to the OpenSSL install directory. The default location is
- Run following commands
cd C:\Program Files\OpenSSL-Win64
openssl genrsa -out sign.pem 2048
openssl req -new -x509 -key sign.pem -out sign.cer -days 1825
openssl pkcs12 -export -out sign.pfx -inkey sign.pem -in sign.cer
- Follow the prompts on the screen and complete the certificate request.
XMPro components use emails to notify users of certain events, for instance, a new User signed up, or your account is ready. In order for these notifications to work an SMTP account and server details are required. Please setup an account and have the necessary details handy, for example:
The XMPro Platform enforces secure communication using HTTPS/SSL. This means the server it is deployed to must have HTTPS configured. Depending on the deployment option you choose, you may have the following options:
- Order a certificate from a certificate authority (CA)
- Create a certificate in AWS (AWS deployment only)
- Create a self-signed certificate (On-Premise only)
If you need to create a self-signed certificate, open Windows PowerShell as administrator and follow the instructions below:
1. Run the New-SelfSignedCertificate cmdlet as shown below to add a certificate to the local store on your PC, replacing the fully qualified domain name (FQDN).
$cert = New-SelfSignedCertificate -certstorelocation cert:\localmachine\my -dnsname <FQDN>
2. In this step, we will export the self-signed certificate. We will need to create a password as shown below to accomplish this step.
$pwd = ConvertTo-SecureString -String 'Enter Strong Password' -Force -AsPlainText
3. We will have to export the self-signed certificate using the Export-PfxCertificate cmdlet as shown below.
$path = 'cert:\localMachine\my\' + $cert.thumbprint
Export-PfxCertificate -cert $path -FilePath c:\cert.pfx -Password $pwd