Security Certificates

Certificates are used to authenticate entities (person, organization, website or a software application) and establish secure communication between server and clients when deploying Desigo CC system.

For securing the communication, you can use the SMC-created certificates as well as the commercial certificates (certificates signed by a trusted Certificate Authority (CA)).

In SMC, using you can create root, host, and self-signed certificates on a server, client or FEP and set them as default and use them for:

• Securing a client/server communication: You can use both .pem certificates as well as certificates from the Windows store for this purpose.
• Securing a web communication between the Server and the remote web server (IIS): For this, you can only use certificates available in the appropriate Windows Certificate store.

SMC allows you to create the following two types of certificates:

• Windows-store based certificates (root, host, and self-signed):
• used to secure the client/server communication and Server/IIS communication.
• have the file formats.cer and .pfx.
• the .cer file format contains the certificate, the .pfx file format contains the private key.
• Windows certificates must be available in the appropriate Windows Certificate store.
• To work with the Installed Client on a Client/FEP station, the logged-on operating system user requires access to the private key of the host certificate stored in the Windows Certificate store.
• File-based certificates (root and host):
• used to secure the client/server communication.
• have the file format as .pem (Privacy Ehanced Mail).
• the root or host certificates of the .pem based type actually consist of two .pem files; one containing the certificate and another containing the private key.
• must be available on the disk of the server or Client/FEP computer.

This section provides background information on the security certificates of Desigo CC . For related procedures, see the step-by-step section.