Purchasing a CA-signed certificate - viewLinc 5.1

SSL/TLS certificates viewLinc 5.1

Document code
viewLinc 5.1
Document type
Technical note
The following file types are supported for certificate files:
  • CRT
  • CSR
  • PEM
All files must be in PEM format.
Certificate signing authorities have various procedures for purchasing a signed certificate.
  1. If you generated a viewLinc-signed certificate files during initial installation, go to 5.
  2. If you did not generate viewLinc-signed certificate files during the initial installation of viewLinc 5.1, copy the signing software CreateCSR.exe (the file must be from version 5.1.8 or later) and save the file to the C:\Users\Public\Documents\Vaisala\Vaisala viewLinc\config\keys folder.
  3. Drag the key file which has the best fit for your installation (for example, viewLinc-yy-mm-dd.key), and drop it onto CreateCSR.exe.

    If your system does not allow you to drag and drop, use the CMD prompt (as admin) to move the request file onto CreateCSR.exe.

  4. Answer the questions.
    For the domain name, you can provide a comma-separate list of hostnames and aliases; ensure the list you provide is correct and complete. This process generates a certificate request file (.csr).
  5. In your …\config\keys folder, locate the generated certificate request file (viewLinc-yy-mm-dd.csr) that has been created in the folder. The date in the file name reflects the date it was created.
  6. Complete the purchasing steps as defined by your selected certificate signing authority.
  7. When you receive the trusted certificate, update viewLinc with the trusted certificate:
    1. If the trusted certificate is received as a file, save the file as viewLinc-yy-mm-dd.crt.
      Ensure that you save the replacement certificate file with exactly the same name as the old file.
    2. If the signed certificate is received as text, copy all lines between -----BEGIN CERTIFICATE----- / -----END CERTIFICATE-----, and save the text as viewLinc-yy-mm-dd.crt. Note that this file needs to be in PEM format which comprises a block of data between BEGIN/END CERTIFICATE headers. If your file is in a different format, you have to extract the cerificate using, for example OpenSSL.
  8. Back up the original file and configuration keys folder. This will allow you to revert back to the previous certificate if there are issues with the new ones.
  9. Replace the existing file viewLinc-yy-mm-dd.crt with the new trusted file in the viewLinc …\config\keys folder.
  10. Open Windows Services Manager.
  11. Restart the viewLinc Web Server service.
    Users who are currently logged in to viewLinc will need to log out and then log in again to establish a new, secure browser session.
  12. Test that the newly installed certificate works using the URLs you supplied in step 4.
The purchase and installation of a trusted CA-signed certificate is complete.