To use the SSL capabilities of MCS, you must include a server site certificate issued by a certificate authority (CA). If you don't already have a server site certificate, you must obtain and install one, as described in the procedure for obtaining and installing a server site certificate.
While waiting for the server site certificate from the CA, you can use the self-signed, demonstration site certificate included with MCS.
The demonstration certificate allows you to test SSL connections. However, the demonstration certificate has an abbreviated validation period, and should not be used in a production environment.
By default, MCS is installed and configured to use the demonstration certificate; no further action is required until you're ready to install the permanent site certificate issued by the CA.
For client certificate authentication, you must obtain and install a personal certificate on each client computer that will access MCS or a Telnet server (host). All software downloaded from MCS uses the personal certificate stored by the Web browser on the client computer.
For instructions, see the procedure for obtaining and installing a personal certificate.
The following table describes the SSL certificate requirements to configure security for Management & Control Services (MCS) and client applications.
|Validating the identity of||Requires this certificate|
|MCS||A server site certificate issued by a known certificate authority (CA).|
|Client applications||A personal certificate, for all client computers that access MCS or the myAccess Links page.|
|Overview of Security Services|
|Obtaining and Installing Certificates|
|Configuring a Client SSL Connection|