What is an SSL connection certificate?

The connection between clients and the server is secured via an SSL certificate. The latest encryption standard TLS 1.2 is used here. It is also possible to create a certificate via the server, as well as to use an existing certificate with a CA. All computers on which a client is installed must trust the certificate. Otherwise, the following message will appear when the client is started:

This connection is not trusted!
The connection to the server is not considered secure.

Structure of certificates

The following information applies to both the Password Safe certificate and also to your own certificates:

Alternative applicant

Communication between the client and server can only take place using the path that is stored in the certificate with the alternative applicant. Therefore, the Password Safe certificate stores all IP addresses for the server, as well as the hostname. When creating your own certificate, this information should also be saved under the alternative applicant.

Using the Password Safe certificate

The name of the PSR certificate is PSR8Server. This can be done via the basic configuration in the AdminConsole. The certificate is saved locally under:
Local computer -> own certificates -> certificates

Distributing the Password Safe certificate

In order for the certificate to be trusted, it can be exported to the server and then imported to the clients. The following storage location needs to be selected here:
local computer -> trusted root certificate location -> certificates

The certificate can be both rolled out and distributed using group guidelines.

Manually importing the Password Safe certificate

If the Password Safe certificate is not rolled out, it is also possible to manually import the certificate. To do this, firstly open the certificate information. In the warning notification, the Show server certificate button is available for this purpose. In the following dialogue, select the option Install certificate…

A Certificate import wizard will open in which Local computer should be selected.

In the next step, the storage location “trusted root certificate location” needs to be manually selected.

Finally, the installation needs to be confirmed once again.

Using your own certificate

If a CA already exists, you can also use your own certificate. You can specify this within the basic configuration. Please note that a server certificate for SSL encryption is used here. The CA must be configured so that all clients trust the certificate. It is necessary to adhere to the certification path.

Wildcard certificates

Wildcard certificates are not supported. In theory, it should be possible to use them but we cannot help with the configuration. You can use wildcard certificates at your own responsibility.

Was this helpful?

Yes No
You indicated this topic was not helpful to you ...
Could you please leave a comment telling us why? Thank you!
Thanks for your feedback.