You can use a self-signed certificate or a certificate signed by a CA to replace the default SSL server certificate that is provided with View Connection Server.

A CA is a trusted entity that guarantees the identity of the certificate and its creator. When a certificate is signed by a trusted CA, users no longer receive messages asking them to verify the certificate, and thin client devices can connect without requiring additional configuration. If your clients need to determine the origin and integrity of the data they receive, you should obtain a CA-signed certificate rather than use a self-signed certificate.

1

To obtain a signed certificate from a CA, you must use keytool to generate a keystore file and a certificate signing request (CSR) file. For testing purposes, you can obtain a free temporary certificate based on an untrusted root from many CAs.

2

If your View Connection Server instance or security server does not trust the root certificate for the server certificate that you have obtained from a CA, use keytool to import the certificate into your keystore file before you add the server certificate.

3

If your server certificate is signed by an intermediate CA rather than by a root CA, you must add the intermediate certificate to the keystore before you add the server certificate.

4

If you obtained a signed server certificate from a CA, use keytool to import the certificate into your keystore file.