Get Started!

˂ Return to FAQ

How to Replace the XTAM Self-signed SSL certificate with your own Trusted SSL Certificate

The default installation of XTAM includes a self-signed certificate that is deployed in order to provide web traffic encryption. Because this is a self-signed, non-trusted certificate you will receive a security warning message in your browser. Although you could choose to accept the warning and safely proceed to the secured localhost connection or deploy the self-signed certificate to your Trusted Root Certificate Authorities store, some may wish to simply replace it all together with their own, trusted certificate.

XTAM Self-signed Non-trusted SSL Certificate Warning

To replace our self-signed certificate with your trusted certificate, please perform the following steps.


On the XTAM installation host server open the file {XTAM_HOME}/web/conf/
Consider making a copy of the file before making any modifications.


Scroll down to the section labeled # SSL Certificate


Enter the path to your certificate for the parameter xtam.cert.path=


Enter the password for your certificate in the parameter xtam.cert.password=

To encrypt your password, open a command prompt, navigate to the {XTAM_HOME} directory and issue this command: bin\PamDirectory Encrypt – . During command execution, you will be prompted to enter the password.
Copy the entire encrypted password string output and paste it to the xtam.cert.password= parameter.


Save and close this file.


Restart the PamManagement (Windows) or pammanager (Linux) service.


When the service restarts (takes ~1 minute to complete), your login page will now be located at the path defined in your certificate file rather than the default localhost. For example,


Copyright © 2018 Xton Technologies, LLC. All rights reserved.