15.6
Table Of Contents
- Dragon_NMCInstallGuideCover_20160929_v4_Cloud
- About this guide
- Chapter 1: Introduction
- Chapter 2: Preparing for your installation
- Chapter 3: Post-installation tasks
- Chapter 4: Preparing for your Active Directory single sign-on configuration
- Chapter 5: Installing the Local Authenticator
- Chapter 6: Preparing for your Central Authentication single sign-on configuration
- Central authentication overview
- Supported identity providers
- Supported federation relationship types
- Checklist—Planning your Central Authentication single sign-on setup
- Obtaining required information
- Configuring Central Authentication
- Installing the Active Directory/LDAP connector
- Viewing Central Authentication audit events
Nuance Management Center Server Installation and Configuration Guide
Installing and binding the SSL certificate
About signed certificates
Using SSL requires that you obtain an SSL certificate issued by a certificate authority (CA). Nuance
Management Center does not support self-signed certificates. You can obtain signed certificates from
certificate authorities, such as GoDaddy or Verisign. The certificate authority must be a trusted authority
known to both the client computer and the server via a root certificate. To obtain a signed certificate, you'll
need to provide information to the certificate authority about your organization and the server on which you are
installing the certificate in the Certificate Signing Request (CSR). Each certificate authority may require
different information. Typically, the information can include the following:
l Organization name
l Organization location information, such as town and state
l Computer name for the server on which you are installing the certificate
l Extended Key Usage value, such as 2.5.29.37. Extended key usage further refines key usage
extensions, which define the purpose of the public key contained in the certificate.
l Key Size, such as 2048 bits or 4096 bits. Determines the length of the public key in the certificate. A
longer key provides stronger security. You determine the level of security that is appropriate for your
environment.
You obtain this information from your IT department, or from the person who installed and configured your
server.
All SSL Certificates require a private key to work. The private key is a separate file that’s used in the
encryption and decryption of data sent between your server and the connecting clients. A private key is
created by you—the certificate owner—when you request your certificate with a Certificate Signing Request
(CSR). The Certificate Authority providing your certificate (such as DigiCert) does not create or have your
private key.
For more detailed information on installing SSL certificates, see:
http://msdn.microsoft.com/en-us/library/ms733791.aspx
Install the SSL certificate
Clients contact the Local Authenticator on the standard HTTP ports 80 and 443.
1.
Install an SSL certificate in the Personal Store under the Local Computer section for the "logon as"
user account under which the NMS service is running.
To add the Certificates Snap-in and view the certificates installed on the local computer, see https://-
technet.microsoft.com/en-us/library/cc754431(v=ws.11).aspx.
28