Your Browser is not longer supported

Please use Google Chrome, Mozilla Firefox or Microsoft Edge to view the page correctly
Loading...

{{viewport.spaceProperty.prod}}

Digital certificates

&pagelevel(3)&pagelevel

To use HTTPS/SSL, not only an SSL key pair is required on the Management Unit, but also a (digital) SSL certificate. This server certificate performs the following two tasks:

  • The certificate is always system-specific (contains the FQDN) and proves the online identity of the system concerned for the browser on the administration PC.

  • The certificate provides the public key with which the browser encrypts its messages to the server on the administration PC.

A self-signed, system-specific certificate which was generated on the system is preinstalled as the standard certificate on each Management Unit.

You can also use other certificates instead of the preinstalled self-signed certificate. The following options are available:

  • Use of a self-signed certificate
    The certificate must comply with the X.509 standard with PEM encoding and the certificate file must have the suffix .key.

    A certificate of this type is preinstalled on the system as the standard certificate. It must be explicitly confirmed or imported on any browser with which the SE Manager operates.

  • Use of a customer-specific certificate (signed by a customer CA)

    If the customer-specific policy specifies the use of such a certificate, it can simply be installed.

    The certificate is as a rule derived from a customer-specific root certificate. Such a certificate is known to the browsers the customer uses and is accepted without an inquiry (i.e. without being confirmed or imported).

  • Use of a commercial certificate (signed by a root CA)

    A certificate of this type is created for a fee by a trusted root certification authority (CA) and is therefore known to all browsers. Consequently every browser accepts such certificates without an inquiry.