Educational ICT Virtualisation Specialist

Twitter LinkedIn E-mail
Precedence Technologies Ltd
Technology House, 36a Union Lane
Cambridge, CB4 1QB, United Kingdom
T: +44 (0)8456 446 800 / +44 (0)1223 359900
F: +44 (0)8456 446 899 / +44 (0)1223 359459

Jump To: Support > KB > NetManager > SSL > OwnCA

Becoming your own local Certificate Authority

Global Certificate Authorities will only sign certificates for domains which officially exist in the wider world (and that you own). They will not issue certificates for internal domain names (such as mynetwork.internal). If you need to secure internal traffic, you will need to have a local Certificate Authority.

  1. Visit webadmin and go to Security > Certificates
  2. Click on the Certificate Authority tab
  3. Enter the relevant details and click Create Certificate Authority:
  4. Once created, the page will change to show the certificate authority details and status:

You will need to install the local CA cert on all devices that will use internal SSL-enabled services as otherwise they will not trust the certificates you issue. You may download the CA cert by clicking on Download below "Certificate:" or you may copy and paste the CA cert by clicking Show/Hide certificate.

Viewing and revoking certs

The Issued certs section shows all certificates that you have issued and their status. If a certificate is not revoked, you may download it by clicking on its subject in the first column.

If you want to make a certificate invalid for use (or generate a new certificate with the same subject), you will need to use the Revoke option alongside the certificate.

Signing certificates from requests generated elsewhere

If you have a Certificate Signing Request (CSR) generated on another machine (e.g. Windows or an internal web-server), you may use the Sign certificate section to upload the CSR. Once signed, the certificate can be downloaded from the Issued certs section.

An worked example of enabling LDAPS on your Active Directory domain controllers can be found here.

© Copyright Precedence Technologies 1999-2019
Page last modified on November 06, 2017, at 05:00 PM by sborrill