Administrator

Setting Up Browser Certificates for Management Cockpit Connections

To avoid security exceptions when launching Management Cockpit, set up security certificates correctly.

Context

This task is required when:
  • The browser session starts from a host computer that is remote from the Management Cockpit installation.
  • The browser session starts on the same computer as Management Cockpit, and reports a certificate error. The installer automatically sets up a local security certificate, but the certificate installed for HTTPS in the Web container keystore is a self-signed root certificate, which is not recognized by the client browser.
  • The host computer does not have Visual Studio Certificate Manager SDK installed.

Follow the steps below to add the certificate to the Windows certificates store. Alternatively, follow browser-specific instructions to accept the certificate into the Windows certificates store.

Procedure

  1. Extract the self-signed certificate:
    SMP_HOME\JDK<X.X.X_XX>\bin\keytool.exe -exportcert -alias jetty 
    -keystore SCC_HOME\services\EmbeddedWebContainer\keystore -file cert.crt
  2. Click Start of the navigation path Start Next navigation step Run End of the navigation path, type mmc, and then click OK to import the cert.crt file into the host computer’s Windows store with the Windows Certificate Manager. The default password for both the keystore and the alias is "changeit".