Managing certificates for secure communications

The system supports self-signed and signed certificates to secure communications between the system and web browser.

During system setup, an initial certificate is created to use for secure connections between web browsers. Based on the security requirements for your system, you can create either a new self-signed certificate or install a signed certificate that is created by a third-party certificate authority. Self-signed certificates are generated automatically by the system and encrypt communications between the browser and the system. Self-signed certificates can generate web browser security warnings and might not comply with organizational security guidelines.

Signed certificates are created by a third-party certificate authority. These certificate authorities ensure that certificates have the required security level for an organization based on purchase agreements. Signed certificates usually have higher security controls for encryption of data and do not cause browser security warnings.

When a self-signed certificate is generated or a signed certificate is installed, the expiration date is stored on the system. When the expiration date is less than 30 days from the expiration, a warning event is sent, indicating that the certificate is about to expire. Another event is logged when the certificate expires. Certificates must be regenerated before they expire or access to the management GUI can be disrupted. To manage certificates on the management GUI, select Settings > Security > Secure communications.