function readOnly(count){ }
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
+ Start a Discussion

CTI 4.0 with HTTPS deployment issues

I'm curious on how people using the CTI 4.0 adapter are deploying it when they convert the url from HTTP to HTTPS.  From what i've seen, in order to get it to work with SSL you have to use Httpcfg.exe to bind a cert to the port.  Seems that would be a deployment issue if you had to do that on all machines.  What challanges/workarounds have other people encountered?



It's not just a question of using httpcfg.exe to bind a cert to the port.  You also somehow have to either install the certificates that you made elsewhere (I have yet to make this work in all cases) or make them on the target system.  Either way, it's a problem if you want to deploy to a large number of systems.


hi folks,


This is definitely a challenge, and we've been struggling to find a good way to address it.


The root cause of the problem is that the 4.0 adapter is running a port listener on localhost. This listener passes all the messages between the adapter and softphone in the browser. This works fine as long as all the communication is in http.


Unfortunatelty when it comes to https, things get a little tricky. https needs a certificate to encrypt and decrypt communication, and that certificate is issue to each domain. However, the domain here is localhost. There's no way for salesforce to issue a certificate for localhost out of the box. That wouldn't even make sense (since there's not way for salesforce or any other cert authority to verify all communication over localhost).


This means that the certificate must be generated during deployment. Trust windows to make this a very challenging process.


What some partners have done is to create a batch script, which installes a pre-created cert on each machine that CTI-4.0 is deployed to.This might be a route to consider.


There are 2 useful resources for this. You've seen the note on httpcfg in the dev guide. Have a look at this link -

. It contains the basic steps that would be in the batch script.


If you do go the batch script route, it would be useful to send a copy our way. We want to regression test against it for future patch releases. If you are blocked, post on this thread again.







We have successfully deployed the CTI adapter utilizing HTTPS. I figured I would post the batch file we used to bind the adapter to localhost in hopes of assisting others. It was a challenge deploying the certificates, but fortunately we only had a small number of test machines. We had the IT folks install the certificates manually and run the batch file below.


::Bind the certificate to localhost


cd "C:\Program Files\SimpliCTI Software Solutions\SFDC AES Adapter\"

httpcfg set ssl -i -h (hash goes here without parenthesis) -g {00000000-0000-0000-0000-000000000000}



In the case fo the SimpliCTI adapter, you'll also need to edit the SalesforceCTI.exe.config file so it has https://localhost:11000/. It will not work without the S.



If you want to test to confirm the correct hash is binded to localhost you'll just need to run the command: httpcfg query ssl


Hopefully this helps people in the future!



Thanks VOIP_ . This is very helpful to the community...