Replacing default certificates - Security Center 5.9

Security Center Administrator Guide 5.9

Applies to
Security Center 5.9
Last updated
Content type
Guides > Administrator guides
Security Center

To replace the self-signed certificate on a server with a certificate from a trusted source, you must import the new certificate into the Local Computer Certificate Store of your server before you can select it in Server Admin.

Before you begin

Follow your company's procedure regarding the enrollment of certificates. If your situation requires you to create a custom request, make sure you follow the recommendations required for Security Center.

What you should know

To improve the security of your system, you only need to replace the self-signed certificate on your main server (or all Directory servers if you have Directory failover configured). It is not necessary to change the certificate on all expansion servers.


  1. On your main server, start Microsoft Management Console (mmc.exe).
  2. In the Console window, expand Certificates.
  3. Under Certificates (Local Computer), right-click Personal, and then click All Tasks > Import.
  4. Follow the instructions in the Certificate Import Wizard to import the certificate.
  5. Open Server Admin on your server.
  6. Click the Genetec Server tab.
  7. Under Secure communication, click Select certificate.
  8. In the dialog box that opens, select the new certificate you just imported and click Select.
    NOTE: If the certificate you selected is not valid (not using Legacy key for example), an error message will be displayed and you won't be able to apply it.
  9. Click Save, and restart the Genetec™ Server service.