This question was originally posted on DCIM Support by Simon Ooi Liang Chieh on 2017-03-15
Hi. I'm using DCE version 188.8.131.52
I'm thinking of enabling HTTPS access to DCE.
So far it worked if I create a self-signed certificate (goto System > Server Administration settings > Server Access > under Web Server tab, click Modify Certificate and Create New Self-Signed Certificate).
However, when I access DCE from my browser, it'll say the certificate is not issued by a trusted CA. I am wondering, if I can use a Certificate created by Microsoft Windows-based CA instead? I'll assume that since i'm logged on to AD, I'll not have the issue of "certificate not issued by a trusted CA" problem...
What format should the Windows-based Certificate be created in? PEM? Do I just go through the same steps above, but instead of creating a new self-signed certificate, I'll choose "Add Certificate" and select the cert created by Microsoft Windows-based CA?
This answer was originally posted on DCIM Support by Christopherus Laurentius on 2017-03-15
DCE allows you to copy paste the content of the SSL cert for the https access.
I've never tried the upload though.
Before you do so, I'd highly recommend the following:
1.Enable http access, just in case you can't access on https due to ssl cert
Lastly, please contact your local tech support with your DCE software entitlement to request for the DCE upgrade link. Your DCE version is not the latest.
To add the SSL cert, go to DCE client, System–>Server Administration Settings–>Server SSL Certificate.
This comment was originally posted on DCIM Support by Simon Ooi Liang Chieh on 2017-03-15
Thanks for the feedback. From the Online Help, I have the feeling that the Server SSL Certificate shown in your screenshot above is meant for creating a secured communication between DCE and the monitored devices? Is it also used for enabling https web access to the DCE portal itself (e.g. https://mydceserver.mydomain.com)?
This comment was originally posted on DCIM Support by Christopherus Laurentius on 2017-03-15
For web access, use this one:
Earlier is for comms between DCE to an SMTP server, Active Directory or OpenLDAP server, or a NetBotz Appliance.
This answer was originally posted on DCIM Support by Steven Marchetti on 2017-03-15
The page you suggested is for adding a cert that will allow DCE to communicate to NetBotz device that is also configured for SSL communications. This is something you'll need to do if you turn off http.
If you're looking to create a cert for accessing the server however, you want to go to the server access section, web server tab, and choose modify cert. You will first want to create a certificate signing request and pass that on to your certificate signing authority:
Yes, after you get the cert back, you will want to go to the same page and choose add certificate and add it in a .PEM format.
Discuss challenges in energy and automation with 30,000+ experts and peers.
Find answers in 10,000+ support articles to help solve your product and business challenges.
Find peer based solutions to your questions. Provide answers for fellow community members!