Contents

Configuring IC SOAP Listener to work with IC 4.0 and 2015 or later

The IC SOAP Listener install does not properly handle certificate mappings necessary for connecting to the IC 4.0 and 2015+ Notifier. This article describes the steps required to enable IC SOAP Listener to function in an CIC 4.0 or COC 2015+ environment when installed on a separate web server.

Perform these steps after the CIC SOAP Listener component is installed on the web server and patched to the latest SU level.

Update the IC User Configuration

Navigate to C:\Program Files (x86)\Interactive Intelligence\SOAPListener\Filter directory.
Edit the I3SOAPISAPIConfig.xml file.
Update tag values, where:
- ICSERVER is the name of the CIC server to which a connection should be made
- ICUSERNAME is the name of a valid user account on the CIC server
- ICPASSWORD is the password for CC user
Save the file.

Update the Registry

Open the registry by navigating to Start | Run | regedit.
Select the HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Interactive Intelligence\Certificates registry key. If this key does not exist create it.
Under this key there should be an entry named Path with type REG_SZ and a data value of C:\Program Files (x86)\Interactive Intelligence\Certificates. If this key does not exist create it.
Right-click the HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Interactive Intelligence\Certificates key. Then select Permissions….
Grant the NETWORK user Full Control access over this key.

Use the NETWORK user not the NETWORK SERVICE user.

Update Environment Variables

Right-click My Computer* and select *Properties.
Select Advanced System Settings.
- Click the Environment Variables button.
Add a new System variable with a Variable name of ININ_Certificates. Set a Variable value of C:\Program Files (x86)\Interactive Intelligence\Certificates\<WEB SERVER NAME>_ININ_Certificates.xml where <WEB SERVER NAME> is the name of the web server the IC SOAP Listener component was installed on.Updating the Certificates Directory:
Navigate to C:\Program Files (x86)\Interactive Intelligence.
Right-click the Certificates folder and select Properties. If this folder does not exist create it.
Select the Security tab
Grant the NETWORK user Full Control over this directory

Use the NETWORK user not the NETWORK SERVICE user.
Restart the server.
After the restart, use the command gensslcertsu -c <notifier> -f to generate certificates against each IC server the SOAP Listener will connect to.

Update IIS Settings

Under ISAPI and CGI Restrictions, add a new entry, specifying the I3SOAPISAPIU.dll, and select "Allow extension path to execute".
Under SoapListener web site, select Handler Mappings.
Add a Module Mapping.
- Request path: *.dll
- Module: IsapiModule
- Executable: browse to I3SOAPISAPIU.dll
- Enable Execute under the Access tab in Request Restrictions
Select the Application Pools tab, then select the app pool that the default website is configured under, then "Advanced Settings".
For SoapListener, set 32-Bit Applications to True.
Set Managed Pipeline Mode to Classic.
Reboot the server.

Additional steps for switchover pairs

On each CIC server:

Open regedit and navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Interactive Intelligence\Certificates. Right click on this registry key, and select Permissions. Click on the Add button, and enter NETWORK SERVICE for the user. Give this user Full Control to allow the user permissions to access the registry key.
Open Windows Explorer.
Navigate to the \I3\IC\Certificates directory.
Select the <Machine Name>_ININ_Certificates.xml, <Machine Name>_PrivateKey.bin and <Machine Name>_PublicKey.bin files. Right click and then select Properties.
Click on the Security tab. Then click Add. Enter NETWORK SERVICE for the user, and give Full Control to this user to allow proper file access to these files.
Do the same for the \I3\IC\Certificates\Client\Remote_Client\<Notifier Name>\<Notifier Name>_TrustedCertificate.cer file.