Create certificates

The SSL Toolset provides the mechanism to create two types of certificates:

A server certificate for each JACE and Supervisor platform.
A Certificate Authority (CA) certificate that you can use to sign other certificates in a certificate chain of trust. Ideally, CA certificates are generated and kept in a vault where there is no network connectivity.

SSL Toolset provides an easy-to-use interface for creating these certificates, but you may use other tools to create your certificates.

Third-party CAs, such as VeriSign, are unlikely to sign your CA certificates. This section explains how to become your own Certificate Authority, and includes:

Set up certificates checklist
Design the certificate chain of trust
Set up the root and intermediate certificates
Set up the JACE and Supervisor server certificates
Sign the server certificates
Import the signed server certificate and configure each station
Set up the Trust Stores
Install certificates in a client browser
Updating a certificate
Back up the stores
Managing allowed hosts
Test station health