The following file types are supported for certificate files:
All files must be in PEM format.
The keyfiles cannot have passwords or any
other type of security. Generic and wildcard certificates cannot be used.
| As an alternative to adding
the CA certificate locally, the certificate can also be issued by your local IT department
using its domain controller. Once the certificate is issued by the IT department, the CA
used to generate it is automatically available for all users in the domain. |
| For viewLinc 5.1 SU3 or
before, delete viewLinc-CA.crt before running
SignCSR.exe. A new viewLinc-CA.crt file will
be generated and used to sign the server certificate. |
If you have been using a certificate
used with an older version of viewLinc (4.3.6 and earlier), or have an expired viewLinc-signed
certificate, use the SignCSR.exe tool to generate a valid
viewLinc-signed certificate.
-
Back up the original file and configuration keys folder. This will allow you to revert
back to the previous certificate if there are issues with the new ones.
-
Copy the signing software, SignCSR.exe, and save the file to the
C:\Users\Public\Documents\Vaisala\Vaisala viewLinc\config\keys
folder.
-
In the .\config\keys folder, drag the request file,
viewLinc-yy-mm-dd.csr, and drop it onto
SignCSR.exe.
If your system does not allow you to
drag and drop, use the CMD prompt (as admin) to move the request file onto
SignCSR.exe.
Ensure that the request file name is exactly
the same as the existing file. The following files are created in the …\config\keys
folder:
- viewLinc-yy-mm-dd.csr
- viewLinc-yy-mm-dd.crt
-
Open the Start menu, type services.msc, and press Enter
to open Windows Services Manager. Restart the viewLinc
Web Server service. Users who are currently logged in to viewLinc will need
to log out and then log in again to establish a new, secure browser session.
-
(Optional. This step is not possible in all deployments, and in some cases, installing
a self-signed certificate in a trusted certificate store is not recommended.)
Install the viewLinc-signed certificate
on all client PCs:
-
On each client PC, copy the viewLinc-signed certificate file (for example,
viewLinc-CA.crt) to any desktop location.
-
Right-click on the file and either:
- Select Install
Certificate, or
- Select
Open and then select the Install
Certificate button in the Certificate
screen.
-
In the Certificate Import Wizard Welcome screen, select
Local Machine.
-
On the Certificate Store screen select Place
all, click Browse, and then select
Trusted Root Certification Authorities. If you receive an
unknown publisher warning, click OK.
-
Click Finish, and then click
Yes.
-
Copy the certificate to all domain machines.
| Users who are currently
logged in to viewLinc will need to log out and then log in again to establish a new,
secure browser session. |
The generation and installation of a
viewLinc-signed certificate is complete.