Certificates

To ensure system security, you must acquire certificates.

To secure communication with certificates, see the chapter Server Certificates.

To acquire certificates, see the section Acquiring and Installing Certificates.

To use client certificates for user authentication instead of password, see the chapter Client Certificates.

For information about certificates in ECF, see Certificates for Embedded Communications Framework (ECF).

Note:

To secure connection with a certificate, the certificate is installed and configured on server, and the client must trust the certificate authority (CA) that has issued the certificate. The operating systems or browsers trust automatically the certificates issued by public CAs, but if you use a private CA to issue a self-signed certificate, you must install the CA’s certificate on the client computer as well to trust the CA. Contact the CA or your certificate server administrator for details.

Servers and clients in this context refer to secure connection, and not to the roles in the system.

Note:

If Java does not trust the certificate authority (CA) you are using, you must reinstall the CA certificate to Java jre\lib\security folder manually after each Java version update because the folder is updated in every version change. Refer to Oracle instructions about how to install the certificate in Java cacerts keystore.