15.5
Table Of Contents
- Dragon_NMCInstallGuideCover_20160929_v4
- About this guide
- Chapter 1: Introduction
- Chapter 2: Preparing for your installation
- Chapter 3: Installing the servers
- Chapter 4: Post-installation tasks
- Chapter 5: Upgrading Nuance Management Center
- Chapter 6: Preparing for your Active Directory single sign-on configuration
- Chapter 7: Installing the Local Authenticator
- Chapter 8: Preparing for your Central Authentication single sign-on configuration
- Appendix A: Database backups and data retention
Chapter 7: Installing the Local Authenticator
Installing and binding the SSL certificate
About signed certificates
Using SSL requires that you obtain an SSL certificate issued by a certificate authority (CA). You can obtain
signed certificates from certificate authorities, such as GoDaddy or Verisign. Nuance Management Center
does not support self-signed certificates. The certificate authority must be a trusted authority known to both
the client computer and the server via a root certificate. To obtain a signed certificate, you'll need to provide
information to the certificate authority about your organization and the server on which you are installing the
certificate in the Certificate Signing Request (CSR). Each certificate authority may require different
information. Typically, the information can include the following:
l Organization name
l Organization location information, such as town and state
l Computer name for the server on which you are installing the certificate
l Extended Key Usage value, such as 2.5.29.37. Extended key usage further refines key usage
extensions, which define the purpose of the public key contained in the certificate.
l Key Size, such as 2048 bits or 4096 bits. Determines the length of the public key in the certificate. A
longer key provides stronger security. You determine the level of security that is appropriate for your
environment.
You obtain this information from your IT department, or from the person who installed and configured your
server.
All SSL Certificates require a private key to work. The private key is a separate file that’s used in the
encryption and decryption of data sent between your server and the connecting clients. A private key is
created by you—the certificate owner—when you request your certificate with a Certificate Signing Request
(CSR). The Certificate Authority providing your certificate (such as DigiCert) does not create or have your
private key.
For more detailed information on installing SSL certificates, see:
http://msdn.microsoft.com/en-us/library/ms733791.aspx
Install the SSL certificate
Clients contact the Local Authenticator on the standard HTTP ports 80 and 443.
1.
Install an SSL certificate in the Personal Store under the Local Computer section for the "logon as"
user account under which the NMS service is running.
To add the Certificates Snap-in and view the certificates installed on the local computer, see https://-
technet.microsoft.com/en-us/library/cc754431(v=ws.11).aspx.
75