TLS/SSL certificates are crucial for private information exchange and to validate that the received information has not been altered. Mividas installer includes tools to help deal with these seemingly complex technologies.
Sometimes it can take a while to get access to valid certificates, which is why Mividas Installer has tools to be able to generate test certificates while waiting for the valid ones to arrive. To simulate a real environment, both a root CA issuer and an intermediate CA issuer is generated. Note that these should only be used in tests or proof of concept environments.
You will find the certificate management tools by navigating to “Certificates” located in the header navigation of the Mividas Installer.
Certificates management
Use this tool to upload your certificate pairs and check certificate information. To help with demo-setups a self signed CA and certificate generation service is also included.
When first navigating to certification management you will be met by the certificate overview where you will see all available certificates. Find information including the expiration date, upload date, and Issuer. You also have the choice to delete selected certificates.
Clicking on the title of a certificate from the overview will bring you to the certificate details page for the specific certificate, where you will find tools such as update certificate
, create CSR request
or export private key
. Read more about this topic in the Certificate details documentation.
General information about certificates
Certificates files should use Base 64-encoded PEM format, and the public certificate should always include the full certificate chain for better compatibility with different services, video conferencing systems and web browsers.
I.e. the public certificate file should include the certificate for the service followed by intermediate certificate(s) and the root CA. If the file contains only one certificate some devices or services may not work correctly even if everything looks ok in the administrators web browser.
Use external tools, e.g. https://www.ssllabs.com/ssltest/ or openssl from the command line openssl s_client -connect core.example.org:443
to validate your installation.
Example of a public key for core.example.org opened in a text editor:
—–BEGIN CERTIFICATE—–
(core.example.org content)
—–END CERTIFICATE—–
—–BEGIN CERTIFICATE—–
(Intermediate CA content)
—–END CERTIFICATE—–
—–BEGIN CERTIFICATE—–
(Root CA content)
—–END CERTIFICATE—–
Upload or generate certificates
By scrolling down on the certificate overview page you will find tools for uploading new certificates or have the Mividas Installer generate temporary self-signed certificates for all products without assigned certificates. Lastly, you have the choice to generate new certificates.
Custom CA
Make sure to upload custom CA certificates to allow communication between services. E.g. to allow Meeting Portal (portal.example.org) to schedule meetings through a Mividas Core installation (core.example.org), the CA that have signed the certificate of core.example.org must be approved on the Mividas Portal server in the Installer.
Find the CA / intermediary tools by navigating to “Certificates” located in the header navigation of the Mividas Installer followed by clicking on the “CA / Intermediary” tab.