Configuring HTTPS Certificate in Central Management Server
GFI LanGuard Central Management Server Console is accessed securely through HTTPS. This requires digital certificates for server authentication and communication encryption purposes. By default, GFI LanGuard Central Management Server Console uses a certificate issued during installation by a special-purpose Certificate Authority (CA) called GFI LanGuard Central Management Console CA. The web clients of GFI LanGuard Central Management Server Console are subsequently presented a certificate chain consisting of:
- A self-signed CA certificate issued by GFI LanGuard Central Management Console CA
- A certificate issued to the computer where the product is installed, having as subject the name of the computer
For any web browser or a GFI LanGuard instance to seamlessly connect to GFI LanGuard Central Management Server Console, the GFI LanGuard Central Management Console CA certificate needs to be trusted. Trust the CA certificate by adding it to the list of Trusted Certificate Authorities on client computers.
The GFI LanGuard Central Management Console CA creates a single certificate during installation. This certificate is then permanently disabled and the CA cannot issue more certificates. This makes it safe to add this CA to the list of Trusted Certificate Authorities on client computers.
Alternatively, if you already have a trusted certificate, you can use it instead of the default certificate generated by GFI LanGuard.