Using trusted certificates on Security Center servers (Advanced) - Security Center 5.9

Security Center Hardening Guide 5.9

series
Security Center 5.9
revised_modified
2020-11-30

To strengthen the security of your system, you can replace the self-signed certificate on the main server with one issued by a trusted certificate authority (CA). Alternatively, you can import the certificate into the trusted root store of all machines that connect to the Directory.

Before you begin

When installing Security Center, on the Security Settings page of the InstallShield, select Always validate the Directory certificate.

Procedure

  1. Open Genetec™ Server Admin.
  2. From the Servers list, select your server.
  3. In the Secure communication section, click Select certificate.
  4. Choose a certificate and click Select.
  5. Click Save.
    IMPORTANT: If the selected certificate is not trusted by client machines, users are presented with a dialog box when they attempt to log on, informing them of the untrusted connection and providing the following options:
    • Proceed and do not ask again (not recommended)
    • Cancel logon

    There is also a link to View certificate details to help understand why the certificate is not trusted.

    We recommend using a certificate that is trusted by all client machines. If the Invalid certificate warning is unexpected, ensure that you understand why the certificate is not trusted before proceeding.