The following table describes the SSL certificate requirements to configure security for Management & Control Services (MCS) and client applications.
|Security for||Requires this certificate|
|Management & Control Services (MCS)||A server site certificate issued by a known certificate authority (CA). For details, see Site Certificate for MCS.|
|Client applications||A personal certificate, for all client PCs that access MCS or the Client Access page. For details, see Client Certificates.|
To use the SSL capabilities of MCS, you must include a server site certificate issued by a certificate authority (CA). If you don't already have a server site certificate, you must obtain and install one, as described in the procedure for obtaining and installing a server site certificate.
While waiting for the server site certificate from the CA, you can use the self-signed, demonstration site certificate included with MCS; no further action is required until you're ready to install the permanent certificate from the CA.
While waiting for a site certificate from a CA, you can use the self-signed demonstration site certificate included with Security Services. The demonstration certificate allows you to test SSL connections. However, keep in mind that the demonstration certificate has an abbreviated validation period, and it should not be used in a production environment.
The demonstration certificate consists of the following files:
By default, MCS is installed and configured to use the demonstration certificate; no further action is required until you're ready to install the permanent site certificate issued by the CA, as described in the procedure for obtaining and installing a server site certificate.
For client certificate authentication, you must obtain and install a personal certificate on each client PC that will access MCS or a Telnet server (host). All software downloaded from MCS uses the personal certificate stored by the Web browser on the client PC.
For instructions, see the procedure for obtaining and installing a personal certificate.
|Overview of Security Services|
|Configuring Security Services|
|Configuring a Client SSL Connection|
|Obtaining and Installing Certificates|
|Modifying the SecurityGateway.properties File|
|Obtaining a Certificate from thawte.com|
|Obtaining a Certificate from verisign.com|