Versions Compared

Old Version 1

changes.mady.by.user Alejandro Zambrano

Saved on

compared with

New Version 2

changes.mady.by.user Alejandro Zambrano

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

You can however export your domain CAs certificate, upload it to the storage of your Android device, and import it.  You can import the certificate under security settings of your Android device.  We do not go into specific steps on this because each Android device and version varies but it is generally easy to figure out in a few moments.  You must export your domain CA certificate, upload it to your Android device, and then install it as a trusted root.  At that point you should be able to install a domain CA signed certificate on your CIP server and access it both from a desktop and your Android device without certificate errors using the following URL:

5. Certificate

...

Installation

Once you have obtained your server certificate, private key, and any intermediate certificates from your Certificate Authority (CA), you will need to install them on your CIP server to enable HTTPS. Follow these steps to install your certificates using the provided commands:

Info

All these commands must be run from the CIP Shell.

  1. Install the Server Certificate

    • The server certificate is the certificate issued specifically for your domain by the CA.

    • Use the command cert install server [path/to/your/server.crt] to install your server certificate. Replace [path/to/your/server.crt] with the actual path to your server certificate file.

    Example:

    Code Block
    cert install server /etc/ssl/certs/cip_server_certificate.crt

  2. Install the Private Key

    • The private key is generated when you create your CSR (Certificate Signing Request). It should be kept secure and private.

    • Use the command cert install private [path/to/your/private.key] to install your private key. Replace [path/to/your/private.key] with the actual path to your private key file.

    Example:

    Code Block
    cert install private /etc/ssl/private/cip_server_private.key

  3. Install Intermediate Certificates (if applicable)

    • Intermediate certificates are used to chain yours to the root certificate of your CA, aiding in the trust process.

    • Use the command cert install intermediate [path/to/your/intermediate.crt] to install any intermediate certificates provided by your CA. Replace [path/to/your/intermediate.crt] with the actual path to your intermediate certificate file.

    Example:

    Code Block
    cert install intermediate /etc/ssl/certs/cip_intermediate_certificate.crt

Ensure that after installing the certificates, you verify the configuration by accessing your CIP server over HTTPS using the corresponding URL mentioned in section 4. If you encounter any certificate errors, double-check the installation steps and the certificate paths.

CIP support will assist with these issues and advise as best we can on how to proceed based on what works best for you as a customer.  Our support team will also assist with setting up HTTPS on our side and generating CSRs, etc.

6. Certificate Lifecycle

Certificates are a point of maintenance that you are likely already familiar with.  However, you should be aware that your certificates will expire based on the details of the CA who signed your certificate.  You should be aware of these expirations and be prepared to renew certificates in advance of their expiration.  This is something you need to track as a customer to avoid your CIP server being inaccessible due to a certificate expiration.  A best practice we have observed is customers creating a shared calendar in IT to track certificates issued and expirations.

...