Purchasing a CA-signed certificate - viewLinc 5.2

SSL/TLS certificates viewLinc 5.2

Document code
DOC254683EN
Revision
A
Language
English
Product
viewLinc 5.2
Document type
Technical note
The following file types are supported for certificate files:
  • CRT
  • CSR
  • DER
  • PEM
  • PFX (pkcs7, pkcs12)
All files must be in Base-64 encoded X.509 format.
Certificate signing authorities have various procedures for purchasing a signed certificate.
  1. If you generated viewLinc-signed certificate files during initial installation, go to 5.
  2. If you did not generate viewLinc-signed certificate files during the initial installation of viewLinc, copy the signing software CreateCSR.exe and save the file to the C:\Users\Public\Documents\Vaisala\Vaisala viewLinc\config\keys folder.
  3. Drag the key file which has the best fit for your installation (for example, viewLinc-yy-mm-dd.key), and drop it onto CreateCSR.exe.

    If your system does not allow you to drag and drop, use the CMD prompt (as admin) to move the request file onto CreateCSR.exe.

  4. Answer the questions. This process generates a certificate request file (.csr).
    Ensure the list of hostnames and aliases you provide is correct and complete, or users will not be able to connect to the viewLinc webserver.
  5. In your …\config\keys folder, locate the generated certificate request file (viewLinc-yy-mm-dd.csr) that has been created in the folder. The date in the file name reflects the date it was created.
  6. Complete the purchasing steps as defined by your selected certificate signing authority.
  7. When you receive the trusted certificate, update viewLinc with the trusted certificate:
    1. If the trusted certificate is received as a file, save the file as viewLinc-yy-mm-dd.crt.
      Ensure that you save the replacement certificate file with exactly the same name as the old file.
    2. If the signed certificate is received as text, copy all lines between -----BEGIN CERTIFICATE----- / -----END CERTIFICATE-----, and save the text as viewLinc-yy-mm-dd.crt. Note that this file needs to be in PEM format which comprises a block of data between BEGIN/END CERTIFICATE headers and can use other extensions besides .pem.
  8. Replace the existing file viewLinc-yy-mm-dd.crt with the new trusted file in the viewLinc …\config\keys folder.
  9. Open Windows Services Manager.
  10. Restart the viewLinc Web Server service.
    Users who are currently logged in to viewLinc will need to log out and then log in again to establish a new, secure browser session.
    The purchase and installation of a trusted CA-signed certificate is complete.