Security Certificates: Difference between revisions

From help.computerisms.ca

Jump to navigation Jump to search

Revision as of 12:49, 2 August 2012 (view source) Bob (talk | contribs) No edit summary ← Older edit		Revision as of 13:27, 2 August 2012 (view source) Bob (talk | contribs) No edit summary Newer edit →
Line 54:		Line 54:
	|-		|-
	|		|
	*		*Move the Radio button to be beside "Place all Certificates in the following store"
			*Click the browse button to open the navigation window
			*In the navigation window, select "Trusted Root Certification Authorities"
			*Click OK, then click Next
			|[[File:help.cert.import.2.png|center|500px]]
			|-
			|[[File:help.cert.import.3.png|center|500px]]
			|
			*Click the Finish button
			|-
			|
			*Another warning window will pop up, click Yes in the bottom right corner
			|[[File:help.cert.import.warning.png|center|500px]]
			|-
			|[[File:help.cert.import.confirm.png|center|500px]]
			|
			*A window will pop up confirming the import was successful, click OK on that window
			*Click OK on the Certificate Window
	|}		|}

---

Revision as of 13:27, 2 August 2012

• Security Certificates are a method of establishing trust between different entities on a network
  • An entity can be a person or a machine
  • Certificates can, in addition to creating trust relationships, also be used to encrypt communications
    • This is especially important when transmitting a username and password across the internet
• Certificate warnings indicates that your computer does not know the origin of the certificate on the server
  • Since your computer cannot verify the origin of the certificate on the server, it cannot establish a trust relationship with the server
  • By temporarily overriding the warning, you instruct your computer to trust the certificate on the server
  • Once the trust is established, then the certificates can be used to encrypt the communication so your password is not transmitted in clear text
• Certificates can be purchased for the server so the warning doesn't appear in your browser, but they are prohibitively expensive for our hosting environment
  • Certificates in general are very very expensive in proportion to the effort required to make them.
  • Computerisms can make certificates that will encrypt a connection every bit as good as a paid certificate for a small fraction of the cost
    • Certificates generated by Computerisms will not be automatically trusted by your computer, and therefor will always show you the certificate warning
• In the case of Computerisms and its customers, we can manually establish our trust, which in turn allows encryption of our passwords
  • Despite the warning, the encryption is still taking place on our system
    • Said another way: Security certificates are still securing your transmission, even though the warning might make you think otherwise.
• Computerisms Certificates can be installed on your machine in such a way that your computer will trust the Computerisms certficates
  • If you do not want to see the warning at every page, then please follow these instructions

The easiest way to install a certificate is using Internet Explorer Open your start menu and choose "All Programs" In the list, right click Internet Explorer In the menu, choose "Run as Administrator" If you are presented with a window confirming the program should be allowed to make changes to your computer, select Yes
	Navigate to https://mail.domain.tld or any other encrypted Computerisms service Select "Continue to this website (not recommended) For the record, it is recommended...
In the next window, you will notice the address bar goes red. Click in the address bar where the X is displayed as a certificate warning
	In the small window that opens up, click the link at the bottom called "View certificates"
In the next window, click the button called "Install Certificate" Note: if you did not run Internet Explorer as Administrator, this button will not show up
	The next window will be the start of the Certificate Import Wizard Click Next
Move the Radio button to be beside "Place all Certificates in the following store" Click the browse button to open the navigation window In the navigation window, select "Trusted Root Certification Authorities" Click OK, then click Next
	Click the Finish button
Another warning window will pop up, click Yes in the bottom right corner
	A window will pop up confirming the import was successful, click OK on that window Click OK on the Certificate Window

Retrieved from "http://help.computerisms.ca/index.php?title=Security_Certificates&oldid=275"