To use the SSL capabilities of MCS, you must include a server site certificate issued by a certificate authority (CA). If you don't already have a server site certificate, you must obtain and install one. If you want to provide client certificate authentication, a personal certificate is required for all computers that access MCS.
The following table describes the SSL certificate requirements to configure security for MCS and client applications.
|Validating the identity of
||Requires this certificate
|MCS||A server site certificate issued by a known certificate authority (CA).|
|Client applications||Client (personal) certificates for all client computers that access MCS.|
For information about obtaining and installing the necessary certificates, see Obtaining and Installing a Server Certificate and Obtaining and Installing Client Certificates.
While waiting for a server site certificate from the CA, for testing purposes, you can use the self-signed, demonstration site certificate included with MCS.
You can use the demonstration certificate to test SSL connections. However, the demonstration certificate has an abbreviated validation period, and should not be used in a production environment.
The demonstration certificate consists of the following files:
By default, MCS is installed and configured to use the demonstration certificate no further action is required until you're ready to install the permanent server certificate issued by the CA.
|Configuring Security Services, Overview|
|Obtaining and Installing a Server Certificate|
|Obtaining and Installing Client Certificates|