...
You can however export your domain CAs certificate, upload it to the storage of your Android device, and import it. You can import the certificate under security settings of your Android device. We do not go into specific steps on this because each Android device and version varies but it is generally easy to figure out in a few moments. You must export your domain CA certificate, upload it to your Android device, and then install it as a trusted root. At that point you should be able to install a domain CA signed certificate on your CIP server and access it both from a desktop and your Android device without certificate errors using the following URL:
5. Certificate
...
Installation
Once you have obtained your server certificate, private key, and any intermediate certificates from your Certificate Authority (CA), you will need to install them on your CIP server to enable HTTPS. Follow these steps to install your certificates using the provided commands:
Info |
---|
All these commands must be run from the CIP Shell. |
Install the Server Certificate
The server certificate is the certificate issued specifically for your domain by the CA.
Use the command
cert install server [path/to/your/server.crt]
to install your server certificate. Replace[path/to/your/server.crt]
with the actual path to your server certificate file.
Example:
Code Block cert install server /etc/ssl/certs/cip_server_certificate.crt
Install the Private Key
The private key is generated when you create your CSR (Certificate Signing Request). It should be kept secure and private.
Use the command
cert install private [path/to/your/private.key]
to install your private key. Replace[path/to/your/private.key]
with the actual path to your private key file.
Example:
Code Block cert install private /etc/ssl/private/cip_server_private.key
Install Intermediate Certificates (if applicable)
Intermediate certificates are used to chain yours to the root certificate of your CA, aiding in the trust process.
Use the command
cert install intermediate [path/to/your/intermediate.crt]
to install any intermediate certificates provided by your CA. Replace[path/to/your/intermediate.crt]
with the actual path to your intermediate certificate file.
Example:
Code Block cert install intermediate /etc/ssl/certs/cip_intermediate_certificate.crt
Ensure that after installing the certificates, you verify the configuration by accessing your CIP server over HTTPS using the corresponding URL mentioned in section 4. If you encounter any certificate errors, double-check the installation steps and the certificate paths.
CIP support will assist with these issues and advise as best we can on how to proceed based on what works best for you as a customer. Our support team will also assist with setting up HTTPS on our side and generating CSRs, etc.
6. Certificate Lifecycle
Certificates are a point of maintenance that you are likely already familiar with. However, you should be aware that your certificates will expire based on the details of the CA who signed your certificate. You should be aware of these expirations and be prepared to renew certificates in advance of their expiration. This is something you need to track as a customer to avoid your CIP server being inaccessible due to a certificate expiration. A best practice we have observed is customers creating a shared calendar in IT to track certificates issued and expirations.
...