Resource Center - Blackboard Transaction System

Blackboard Transaction System

Campus system used to control all the functionality of the Hill Card. Functions include door access, dining, laundry, vending, copying, facility access at Fitness Center, Hill Card use at participating Clinton merchants and the Discover card portion of the Hill Card.

Available Resources

Refine Results:

Blackboard Transaction System

Installing or Updating the SSL certificate on BBTS.hamilton.edu Blackboard Transaction System NOTE: This article was adapted from a Blackboard Transaction System support document for Hamilton College. Install New Wildcard Certificate 1. Remote to bbts.hamilton.edu. This requires a Microsoft RDP client (can't use Cord). 2. Open the IIS Manager - Start > Administrative Tools > Internet Information Services Manager 3. Click on the server name. 4. Under IIS, double-click on Server Certificates 5. Click Import... on the right. 6. Select the PFX file for the current Wildcard certificate (\\ess\its\Network Services\SSL Certs\WildcardSSL<year>.pfx) 7. Password is hamster. Open Certificate Manager 1. On the Taskbar, click Start, then click Run, type MMC in the Open box, and then click OK. 2. In the new window that opened click File and then click Add/Remove Snap- in.... 3. Double-click Certificates in the Available snap-ins box. 4. Select Computer account and then click Next. 5. Select Local Computer: (the computer this console is running on),click Finish, and OK. Install the Intermediate Certificate If you are updating an existing certificate, this should not be necessary. 1. Open the Certificate Manager (if not already open) 2. Expand Certificates 3. Right-click on Intermediate Certificates and select All Tasks > Import... 4. Click next, then Browse to select the file at \\ess\its\Network Services\SSL Certs\gd_iis_intermediates.p7b (you may want to update this file from GoDaddy in case there is a new version) 5. Click Next, then Next again, then Finish Export the Full Chain for use in Blackboard Services 1.Open the Certificate Manager (if not already open) 3. Double-click Certificates (Local Computer), double-click Personal, and then double-click Certificates. 4. Right-click on the SSL certificate (the newest *.hamilton.edu), click All Tasks..., and then click Export... 5. Click Next on the Welcome to the Certificate Export wizard window. 6. Select Yes, export the private key and click Next. 7. Select Personal Information Exchange - PCKS #12 (.PFX), select the check box Include all certificates in the certification path if possible, then click Next. 8. Type "pfxpassword" in the Password box, type "pfxpassword" in the Type and confirm password (mandatory) box, and then click Next >. 9. Type "E:\Blackboard\Transaction System\Server\Tools\OpenSSL\BBTS.hamilton.edu.pfx" in the File name box. 10. Verify the information in the You have specified the following settings box, and then click Finish. 11. Click OK when prompted The export was successful. 12. Click File, then click Exit in the Microsoft Management Console windows. Using the PFX file to generate the PEM files needed by the Bb Services The MakePEMs.bat batch file (script text is below) is used to do everything. It is used instead of GenerateDHKey.bat. If there is an existing MakePEMs.bat file then edit it to make sure the '[servername].pfx' name has not changed and is correct in the batch file. 1. If MakePEMsGoDaddy.bat doesn't exist in "E:\Blackboard\Transaction System\Server\Tools\OpenSSL", create a new text document. - Rename it to "MakePEMsGoDaddy.bat". Note that if the display of file extensions has been turned off it will not be possible to truly rename this file. Acknowledge any warnings about changing file extensions. 3. Open the file by RIGHT-CLICK and choose Edit. Get in the habit of NOT double- clicking a batch file unless you intend to run it. Copy the text at the end of this document then paste it into this new "MakePEMsGoDaddy.bat" text file window. 4. Edit the "SET PFXFILE=" line in MakePEMs.bat by adding the name of the PFX file exported above (BBTS.hamilton.edu.pfx). Don't forget the ".PFX" part of the name. Example: Change: SET PFXFILE=!CHANGEME! To be: SET PFXFILE=BBTS.hamilton.edu.pfx 5. Save MakePEMsGoDaddy.bat. 6. Double-click MakePEMsGoDaddy.bat to run it. It goes through the steps displaying what it is doing and pausing after each step. Use CTRL-C to stop running the script at any point. This is useful if one only wants to generate the PEM files and copy them to where they go but doesn't want to restart the service yet. MakePEMsGoDaddy.bat does the following steps pausing after each one 1. Deletes any existing "server.pem" and "dh512.pem" 2. Generates a new "server.pem" 3. Generates a new "dh512.pem" 4. Copies the new .PEMs to the "\Server\Services" folder 5. Restarts the BbReader and Dining services It is possible to test the Server.PEM file is able to authenticate using the CA.PEM file. The following KB article explains how to do this: http://www.fuzeqna.com/bbtshelp/consumer/kbdetail.asp?kbid=507 --- MakePEMs.bat text @ECHO OFF REM This batch file goes in: REM E:\Blackboard\Transaction System\Server\Tools\OpenSSL REM This batch file assumes the standard install where the REM Blackboard folder (software) is on an "E:" drive letter. REM If this is a non-standard install that uses another drive REM letter (e.g. "D:") then edit this batch file. Replace "E:" REM with the correct drive letter for this system. SET PFXFILE=!CHANGEME! REM Enter the full name of the PFX file above. Remember the REM '.PFX' file extention. Only change the above "SET" line. REM Do not change the error check "if..." line below. ECHO This will use the file %PFFILE% a the source ECHO Edit the batch file to change this if needed ECHO. PAUSE if not %PFFILE%==CHANGEME! goto DOIT ECHO ERROR!! The instructions were not followed! ECHO ERROR!! %PFFILE% i not a valid .PFX file name ECHO ERROR!! Close this window and get some help PAUSE GOTO END :DOIT E: CD "E:\Blackboard\Transaction System\Server\Tools\OpenSSL" ECHO. ECHO Deleting existing files about to create ECHO OK if there are one or two file not found errors. ECHO. DEL /Q server.pem DEL /Q dh512.pem ECHO. ECHO The warning about not opening openssl.cnf is OK. ECHO When asked the password is: pfxpassword ECHO NOTE: Nothing is shown as the password is typed in. ECHO. openssl pkcs12 -in %PFFILE% -ut server.pem -nodes ECHO. ECHO server.pem created from %PFFILE% ECHO. ECHO Next is to create dh512.pem from server.pem PAUSE ECHO. ECHO The warning about not opening openssl.cnf is still OK. ECHO. openssl dhparam -5 -check -outform PEM -out dh512.pem -5 -text 512 ECHO. ECHO dh512.pem created from server.pem ECHO. ECHO Next is copy .PEM files to Services folder. PAUSE ECHO. COPY /V /Y server.pem "E:\Blackboard\Transaction System\Server\Services" COPY /V /Y dh512.pem "E:\Blackboard\Transaction System\Server\Services" ECHO Copied .PEM files to Services folder ECHO. ECHO Next is to restart the Bb Readers Service. PAUSE ECHO. ECHO Restarting the Bb Readers Service ECHO. NET STOP "BbTS Bb Readers Host" ECHO. NET START "BbTS Bb Readers Host" ECHO. ECHO Next is to restart the Dining Service. PAUSE ECHO. ECHO Restarting the Dining Service ECHO. NET STOP "BbTS Dining Services, Activities Host" ECHO. NET START "BbTS Dining Services, Activities Host" ECHO. ECHO Next is to restart the Payment Gateway Service. PAUSE ECHO. ECHO Restarting the Payment Gateway Service ECHO. NET STOP "BbTS Payment Gateway Host" ECHO. NET START "BbTS Payment Gateway Host" ECHO. ECHO All done. PAUSE :END

Web Servers

Installing or Updating the SSL certificate on BBTS.hamilton.edu Web Servers NOTE: This article was adapted from a Blackboard Transaction System support document for Hamilton College. Install New Wildcard Certificate 1. Remote to bbts.hamilton.edu. This requires a Microsoft RDP client (can't use Cord). 2. Open the IIS Manager - Start > Administrative Tools > Internet Information Services Manager 3. Click on the server name. 4. Under IIS, double-click on Server Certificates 5. Click Import... on the right. 6. Select the PFX file for the current Wildcard certificate (\\ess\its\Network Services\SSL Certs\WildcardSSL<year>.pfx) 7. Password is hamster. Open Certificate Manager 1. On the Taskbar, click Start, then click Run, type MMC in the Open box, and then click OK. 2. In the new window that opened click File and then click Add/Remove Snap- in.... 3. Double-click Certificates in the Available snap-ins box. 4. Select Computer account and then click Next. 5. Select Local Computer: (the computer this console is running on),click Finish, and OK. Install the Intermediate Certificate If you are updating an existing certificate, this should not be necessary. 1. Open the Certificate Manager (if not already open) 2. Expand Certificates 3. Right-click on Intermediate Certificates and select All Tasks > Import... 4. Click next, then Browse to select the file at \\ess\its\Network Services\SSL Certs\gd_iis_intermediates.p7b (you may want to update this file from GoDaddy in case there is a new version) 5. Click Next, then Next again, then Finish Export the Full Chain for use in Blackboard Services 1.Open the Certificate Manager (if not already open) 3. Double-click Certificates (Local Computer), double-click Personal, and then double-click Certificates. 4. Right-click on the SSL certificate (the newest *.hamilton.edu), click All Tasks..., and then click Export... 5. Click Next on the Welcome to the Certificate Export wizard window. 6. Select Yes, export the private key and click Next. 7. Select Personal Information Exchange - PCKS #12 (.PFX), select the check box Include all certificates in the certification path if possible, then click Next. 8. Type "pfxpassword" in the Password box, type "pfxpassword" in the Type and confirm password (mandatory) box, and then click Next >. 9. Type "E:\Blackboard\Transaction System\Server\Tools\OpenSSL\BBTS.hamilton.edu.pfx" in the File name box. 10. Verify the information in the You have specified the following settings box, and then click Finish. 11. Click OK when prompted The export was successful. 12. Click File, then click Exit in the Microsoft Management Console windows. Using the PFX file to generate the PEM files needed by the Bb Services The MakePEMs.bat batch file (script text is below) is used to do everything. It is used instead of GenerateDHKey.bat. If there is an existing MakePEMs.bat file then edit it to make sure the '[servername].pfx' name has not changed and is correct in the batch file. 1. If MakePEMsGoDaddy.bat doesn't exist in "E:\Blackboard\Transaction System\Server\Tools\OpenSSL", create a new text document. - Rename it to "MakePEMsGoDaddy.bat". Note that if the display of file extensions has been turned off it will not be possible to truly rename this file. Acknowledge any warnings about changing file extensions. 3. Open the file by RIGHT-CLICK and choose Edit. Get in the habit of NOT double- clicking a batch file unless you intend to run it. Copy the text at the end of this document then paste it into this new "MakePEMsGoDaddy.bat" text file window. 4. Edit the "SET PFXFILE=" line in MakePEMs.bat by adding the name of the PFX file exported above (BBTS.hamilton.edu.pfx). Don't forget the ".PFX" part of the name. Example: Change: SET PFXFILE=!CHANGEME! To be: SET PFXFILE=BBTS.hamilton.edu.pfx 5. Save MakePEMsGoDaddy.bat. 6. Double-click MakePEMsGoDaddy.bat to run it. It goes through the steps displaying what it is doing and pausing after each step. Use CTRL-C to stop running the script at any point. This is useful if one only wants to generate the PEM files and copy them to where they go but doesn't want to restart the service yet. MakePEMsGoDaddy.bat does the following steps pausing after each one 1. Deletes any existing "server.pem" and "dh512.pem" 2. Generates a new "server.pem" 3. Generates a new "dh512.pem" 4. Copies the new .PEMs to the "\Server\Services" folder 5. Restarts the BbReader and Dining services It is possible to test the Server.PEM file is able to authenticate using the CA.PEM file. The following KB article explains how to do this: http://www.fuzeqna.com/bbtshelp/consumer/kbdetail.asp?kbid=507 --- MakePEMs.bat text @ECHO OFF REM This batch file goes in: REM E:\Blackboard\Transaction System\Server\Tools\OpenSSL REM This batch file assumes the standard install where the REM Blackboard folder (software) is on an "E:" drive letter. REM If this is a non-standard install that uses another drive REM letter (e.g. "D:") then edit this batch file. Replace "E:" REM with the correct drive letter for this system. SET PFXFILE=!CHANGEME! REM Enter the full name of the PFX file above. Remember the REM '.PFX' file extention. Only change the above "SET" line. REM Do not change the error check "if..." line below. ECHO This will use the file %PFFILE% a the source ECHO Edit the batch file to change this if needed ECHO. PAUSE if not %PFFILE%==CHANGEME! goto DOIT ECHO ERROR!! The instructions were not followed! ECHO ERROR!! %PFFILE% i not a valid .PFX file name ECHO ERROR!! Close this window and get some help PAUSE GOTO END :DOIT E: CD "E:\Blackboard\Transaction System\Server\Tools\OpenSSL" ECHO. ECHO Deleting existing files about to create ECHO OK if there are one or two file not found errors. ECHO. DEL /Q server.pem DEL /Q dh512.pem ECHO. ECHO The warning about not opening openssl.cnf is OK. ECHO When asked the password is: pfxpassword ECHO NOTE: Nothing is shown as the password is typed in. ECHO. openssl pkcs12 -in %PFFILE% -ut server.pem -nodes ECHO. ECHO server.pem created from %PFFILE% ECHO. ECHO Next is to create dh512.pem from server.pem PAUSE ECHO. ECHO The warning about not opening openssl.cnf is still OK. ECHO. openssl dhparam -5 -check -outform PEM -out dh512.pem -5 -text 512 ECHO. ECHO dh512.pem created from server.pem ECHO. ECHO Next is copy .PEM files to Services folder. PAUSE ECHO. COPY /V /Y server.pem "E:\Blackboard\Transaction System\Server\Services" COPY /V /Y dh512.pem "E:\Blackboard\Transaction System\Server\Services" ECHO Copied .PEM files to Services folder ECHO. ECHO Next is to restart the Bb Readers Service. PAUSE ECHO. ECHO Restarting the Bb Readers Service ECHO. NET STOP "BbTS Bb Readers Host" ECHO. NET START "BbTS Bb Readers Host" ECHO. ECHO Next is to restart the Dining Service. PAUSE ECHO. ECHO Restarting the Dining Service ECHO. NET STOP "BbTS Dining Services, Activities Host" ECHO. NET START "BbTS Dining Services, Activities Host" ECHO. ECHO Next is to restart the Payment Gateway Service. PAUSE ECHO. ECHO Restarting the Payment Gateway Service ECHO. NET STOP "BbTS Payment Gateway Host" ECHO. NET START "BbTS Payment Gateway Host" ECHO. ECHO All done. PAUSE :END