I don't know what the email integration is doing, but it looks like it's not working. Since it didn't post properly in the webpage, here is what I actually replied with with the only thing I'd like to add is what Brad noted -- you are still going to get a "Not Secure" message, however you should still be able to access/open OneClick.
Here was what I wanted to post:
Were you able to figure this out?
Make sure your <SPECROOT>/tomcat/conf/server.xml has the same redirect port and SSL port.
Ie from my Windows machine:
<!-- Define a non-SSL HTTP/1.1 Connector on port 8080 -->
<Connector port="8080" URIEncoding="UTF-8" maxHttpHeaderSize="8192" maxThreads="150" minSpareThreads="25" enableLookups="true" redirectPort="8443" acceptCount="100" connectionTimeout="20000" disableUploadTimeout="true" tcpNoDelay="true" />
<!-- Define a SSL Coyote HTTP/1.1 Connector on port 443 -->
<Connector
port="8443"
enableLookups="true" disableUploadTimeout="true" tcpNoDelay="true"
acceptCount="100" scheme="https" secure="true" SSLEnabled="true"
clientAuth="false" sslProtocol="TLS"
ciphers="SSL_RSA_WITH_RC4_128_MD5,SSL_RSA_WITH_RC4_128_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_DSS_WITH_AES_128_CBC_SHA,SSL_RSA_WITH_3DES_EDE_CBC_SHA,SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA,SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA"
keystoreFile="C:/win32app/spectrum/custom/keystore/cacerts"
keystorePass="changeit">
</Connector>
Make sure your <SPECROOT>/custom/keystore/cacerts file has the self signed cert listed with the alias of tomcatssl
From a shell navigate to the <SPECROOT>/java/bin:
./keytool -list -v -alias tomcatssl -keystore ../../custom/keystore/cacerts
you should get output like this showing tomcatssl alias with a PrivateKeyEntry and the Owner and Issuer info should be the same:
Alias name: tomcatssl
Creation date: Sep 26, 2017
Entry type: PrivateKeyEntry
Certificate chain length: 1
Certificate[1]:
Owner: CN=Jason, OU=Support, O=CA, L=Portsmouth, ST=NH, C=US
Issuer: CN=Jason, OU=Support, O=CA, L=Portsmouth, ST=NH, C=US
Serial number: 4a4f0e20
Valid from: Tue Sep 26 09:11:52 EDT 2017 until: Mon Dec 25 08:11:52 EST 2017
If there are any problems, delete your <SPECROOT>/custom/keystore/cacerts file and copy (don’t replace) the <SPECROOT>/Java/jre/lib/security/cacerts file back into the <SPECROOT>/custom/keystore and start over.
If it still doesn’t work after all that, I would suggest opening a support case.
Cheers
Jay