Please ensure Javascript is enabled for purposes of website accessibility
Powered by Zoomin Software. For more details please contactZoomin

AVEVA™ Operations Management Interface

About secured WebSocket communication to remote desktops

Save PDF
Save selected topicSave selected topic and subtopicsSave all topics
Share
Share to emailCopy topic URL
TABLE OF CONTENTS

About secured WebSocket communication to remote desktops

Save PDF
Save selected topicSave selected topic and subtopicsSave all topics
Share
Share to emailCopy topic URL
  • Last UpdatedDec 09, 2024
  • 2 minute read

The InTouch Access Anywhere Server installation includes a self-signed certificate for secure SSL connections. Some browsers, such as Google Chrome, allow self-signed certificates for SSL-encrypted WebSocket connections.

Opera browsers will notify the user that the server certificate is not signed and prompt the user to continue. Chrome OS, Safari 5.x, and Firefox do not allow secure SSL connections using a self-signed certificate.

In order to provide connectivity from these browsers, a trusted certificate must be imported into the InTouch Access Anywhere Server or into the InTouch Access Anywhere Secure Gateway if it is being used as a proxy for InTouch Access Anywhere Server. A trusted certificate must be purchased from a trusted certificate authority (for example, VeriSign).

Note: The DNS address of the InTouch Access Anywhere Server or Secure Gateway server must match the certificate name. If a wildcard certificate is being used, the domain must match. For example, if the certificate is for *.acme.com, the server name must end with acme.com.

To import a trusted certificate into the InTouch Access Anywhere Server, perform the following steps using the Microsoft Certificate Manager.

  1. Show the Windows Command Prompt running as an Administrator.

  2. Type certmgr.msc to show the Certificate Manager.

  3. Import the trusted certificate to the Computer (Personal | Certificates) store.

    Import a trusted certificate

  4. Mark the certificate as exportable during the import.

    Mark a certificate as exportable

  5. Go to the Certificate's Details tab and highlight the Thumbprint.

    Certificate's details tab

  6. Copy the thumbprint (Ctrl+c).

  7. Stop the InTouch Access Anywhere Server service.

  8. Using the Command Prompt (cmd.exe), go to the folder that contains AccessNowServer32.exe.

  9. Run: AccessNowServer32.exe/genbincert <thumbprint of certificate to export enclosed in quotation marks>.

    The following is an example import command with thumbprint in quotation marks:

    Sample certificate import command

  10. After importing the thumbprint, a notification appears confirming the BIN certificate has been successfully created.

  11. Start the InTouch Access Anywhere Server service and it will be ready for use.

TitleResults for “How to create a CRG?”Also Available in