Setup SSL Server Options

This screen appears when configuring any server type if you enabled 'Use SSL/TLS' when specifying the Web Server port.

If you selected the [Use SSL/TLS] check box in Specify Web Server Port, configure SSL as indicated below.

  1. Specify the certificate authority connecting to the server.

    • [Self-signed Certificates or Commercial Certificate Authority]: Select this option to have the software automatically create and use self-signed certificates. This option should also be selected if certificates purchased from a commercial certificate authority will be used. Installation of purchased certificates is done though the Management Console.
    • [Active Directory Local Certificate Authority]: Refer to the following notes if you have an Active Directory Certificate Authority. Enter the template name to use when generating an SSL certificate.
  • For the functional outlines and installation procedure of Active Directory Local Certificate Authority, see the Microsoft website.
    • https://technet.microsoft.com/library/cc755071(v=ws.11).aspx
    • https://technet.microsoft.com/library/jj717285(v=ws.11).aspx
  • To use Active Directory Local Certificate Authority in SLNX, the following conditions must be fulfilled:
    • SLNX is participating in the same domain as the Active Directory Certificate Service (AD CA)
    • The account specified on the "Service Logon Information" screen has enroll/ autoenroll permission in the AD CA template.
    • A template configured with the following settings is issued:
      • On [Request Handling] - [Allow private key to be exported] is selected
      • Select at least one attribute in [Subject Name] - [Build from the Active Directory information]: DNS Name, UPN, or SPN
      • The appropriate permission (enroll/autoenroll) is specified

  1. Click [Next].

  2. On the "SSL Client options" window, configure the SSL client. To trust all certificates while operating the system, select the [Trust all Certificates ]check box, and then click [Next].

    3. For cloud environment, it is recommended to uncheck the 'Trust all Certificates' box.