Altova LicenseServer

Self-Signed Certificates

Home Prev Top Next

Alternatively to purchasing an SSL certificate from a certificate authority (CA), you can create and use a self-signed certificate. Your organization will likely have specific security policies concerning SSL certificates and might have a system in place for creating and using a self-signed certificate. The broad steps for using self-signed certificates are given below and will depend on the SSL application you use to create the certificate (such as OpenSSL), and the OS on which LicenseServer is installed.

 

Since your certificate is self-signed, no browser will by default trust it. A browser would typically display a warning like, This site is not trusted. In order for an HTTP client (such as a browser) to trust your self-signed certificate, the certificate must be imported into a certificate store in one of the following ways:

 

Into the trusted certificates store of the browser.

Into the trusted certificates store of the operating system (OS). This would apply if the browser uses the OS store. On Windows, for example, Google Chrome and Microsoft Edge use the operating system's certificates store, while Mozilla Firefox uses its own store. On Linux, both Google Chrome and Mozilla Firefox use their own certificates store. On Mac, Safari uses the operating system's certificate store (Keychain Access).

 

Note the following points:

 

This step must be performed for each client machine (or browser, if applicable) that will access License Server.

If you enable encryption, make sure that the self-signed root CA certificate must be trusted by the operating system.

 

© 2018-2024 Altova GmbH