Recast Enterprise Server Certificates

From Now Micro
Revision as of 15:42, 30 May 2019 by Christianm (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Contents

This Wiki is out of date. Please view the current documentation at https://wiki.recastsoftware.com

Certificate Options

Once the Recast Enterprise Server is installed, a certificate needs to be installed on the RecastEnterpriseServer IIS site. This can be either a self-signed certificate, a certificate signed by an internal Certificate Authority, or a certificate signed by a 3rd party. The table below lists the pros and cons of each approach.

Comparison of Certificate Options
Self-Signed Certificate Internal CA Certificate External CA Certificate
Requires deployment of self-signed certificate True False False
Requires deployment of CA certificate N/A True False
Purchase Required False False True
Mobile Support False True True

The external certificate authority option requires no configuration of mobile and desktop clients and is strongly recommended. If using an internal CA or a self-signed certificate, deployment of a certificate is necessary. Desktop clients can receive trusted certificates through Group Policy. Mobile client certificates can be deployed through a MDM solution.

Creating a Self-Signed Certificate

  1. To create a self-signed certificate, open IIS Manager on the server that you installed Recast Enterprise Server. Select the server name in the Connections Pane, and open Server Certificates.

    IIS Manager Home Server Certificates.png

  2. Click the Create Self-Signed Certificate Link on the Actions Pane.

    IIS Manager Server Certificates.png

  3. The Create Self-Signed Certificate wizard will pop-up. Give the certificate a friendly name (such as Recast Enterprise Server) and choose Web Hosting from the drop down menu. Click OK.

    Create Self-Signed Certificate.png

  4. Next we need to assigned the certificate to the RecastEnterpriseServer IIS Site. Select the RecastEnterpriseServer site in the Connections pane of IIS Manager and click the Bindings link in the Actions pane.

    IIS Manager RecastEnterpriseServer Home.png

  5. Choose the binding and click Edit.

    Site Bindings.png

  6. Choose the Recast Enterprise Server certificate created earlier and click OK.

    Edit Site Binding Recast Enterprise Server.png

  7. Click Close on the Site Bindings screen.

Requesting a Certificate from an Internal Certificate Authority

  1. To request a certificate from an internal CA, open IIS Manager on the server that you installed Recast Enterprise Server. Select the server name in the Connections Pane, and open Server Certificates.

    IIS Manager Home Server Certificates.png

  2. Click the "Create Domain Certificate" link on the Actions Pane.

    IIS Manager Server Certificates Create Domain Certificate.png

  3. The Create Certificate wizard will pop-up. Fill out the wizard page with the relevant information and click Next.

    Create Certificate Distinguished Name Properties.png

  4. Click the Select button on the Online Certification Authority page.

    Create Certificate Online Certification Authority.png

  5. Choose your internal certification authority and click OK.

    Select Certification Authority.png

  6. Give the certificate a friendly name (such as Recast Enterprise Server). Click Finish.

    Create Certificate Online Certification Authority Domain.png

  7. Your certificate should show up in the Server Certificates list.

    Server Certificates Recast Enterprise Server Domain.png

  8. Next we need to assigned the certificate to the RecastEnterpriseServer IIS Site. Select the RecastEnterpriseServer site in the Connections pane of IIS Manager and click the Bindings link in the Actions pane.

    IIS Manager RecastEnterpriseServer Home.png

  9. Choose the binding and click Edit.

    Site Bindings.png

  10. Choose the Recast Enterprise Server certificate created earlier and click OK.

    Edit Site Binding Recast Enterprise Server.png

Requesting a Certificate from an External Certificate Authority

The process for requesting certificates will vary by vendor, and you should follow their instructions first.

  1. To request a certificate from an external CA, open IIS Manager on the server that you installed Recast Enterprise Server. Select the server name in the Connections Pane, and open Server Certificates.

    IIS Manager Home Server Certificates.png

  2. Click the Create Certificate Request Link on the Actions Pane.

    IIS Manager Server Certificates Create Domain Certificate.png

  3. In the Request Certificate wizard, fill in the relevant information and click Next.

    Request Certificate Distinguished Name Properties.png

  4. On the Cryptographic Service Provider Properties page, choose an appropriate provider and bit length. Click Next.

    Request Certificate Cryptographic Service Provider Properties.png

  5. On the File Name page, type or browse to the location you would like the certificate request stored. Click Finish to save the request.

    Request Certificate File Name Recast Request.png

  6. Submit the certificate request to your CA vendor of choice.
  7. When the third party CA responds, open IIS Manager to the Server Certificates section, and choose Complete Certificate Request.

    IIS Manager Server Certificates Complete Certificate Request.png

  8. In the Complete Certificate Request window, browse to the location of the certificate request. Give the certificate a friendly name (such as Recast Enterprise Server), and choose Web Hosting from the drop down menu. Click OK.

    Complete Certificate Request.png

  9. Next we need to assigned the certificate to the RecastEnterpriseServer IIS Site. Select the RecastEnterpriseServer site in the Connections pane of IIS Manager and click the Bindings link in the Actions pane.

    IIS Manager RecastEnterpriseServer Home.png

  10. Choose the binding and click Edit.

    Site Bindings.png

  11. Choose the Recast Enterprise Server certificate created earlier and click OK.

    Edit Site Binding Recast Enterprise Server.png

Next, you will need to configure the application settings in the Control Panel. If you're setting up a DNS alias, additional configuration may be required.

Personal tools
Namespaces

Variants
Actions
Navigation
Tools