6.4 Configuring Windows 7 to Use a Self-Signed Certificate with Vibe

To configure Windows 7 to use a self-signed certificate with Novell Vibe is a two-step process. The first step is accomplished by the Vibe administrator on the Vibe server, and the second step is accomplished by each Vibe user on his or her Windows 7 workstation.

Administrator

  1. Vibe administrators must ensure the following prerequisites are met in order to configure Windows 7 to use a self-signed certificate with Vibe:

    • The self-signed server certificate must be issued to a name that exactly matches the domain name of the URL that you use it for. This means that it must match the URL of your Vibe site. If you are generating a self-signed certificate using the keytool, as described Importing the Certificate Files into the Vibe Keystore, you must enter the Vibe domain name when prompted for your first and last name.

    • The date range for the trusted server certificate must be valid. You cannot use an expired server certificate.

User

Each user on his or her Windows 7 workstation must import the self-signed certificate of the Vibe server into the Trusted Root Certification Authorities store.

In a controlled corporate environment where the system administrator sets up each client workstation before use, this certificate can be preinstalled on each Windows 7 workstation. This can minimize end-user error and frustration.

  1. Launch the Internet Explorer browser.

  2. Click Tools > Internet Options to display the Internet Options dialog box.

  3. Click the Security tab, then select Trusted sites.

  4. Click Sites.

  5. In the Add this website to the zone field, specify the URL of the Vibe Web site, then click Add > Close.

  6. Browse to your Vibe site.

  7. (Conditional) If a prompt displays indicating that there is a problem with this Web site’s security certificate, complete the following steps:

    1. Click Continue to this website (not recommended).

    2. Click Certificate Error at the right of the address bar, then click View certificates.

    3. Click Install Certificate, then click Next in the wizard.

    4. Select Place all certificates in the following store.

    5. Click Browse, browse to and select Trusted Root Certification Authorities, then click OK.

    6. In the wizard, click Next, then click Finish.

    7. (Conditional) If a Security Warning dialog box displays, click Yes.

    8. Click OK to close the Certificate Import Wizard.

    9. Click OK to close the Certificate window.

    10. Shut down all instances of the Internet Explorer browser, then restart the browser.

    11. Browse to the Vibe site. You should no longer see the certificate error message.

      If you continue to see the certificate error message, the server’s self-signed certificate might not match the site URL, as described in Step 1.