1. RealVNC Help Center
  2. RealVNC Connect
  3. On-Prem Management Console

Registering a SSL Certificate as a Trusted Certificate Authority

Follow
Avatar
Fern Selby-Purgavie
Updated

If you have deployed your On-Prem Management Console or the On-Prem Zone with installer generated certificates then these certificates will need to be registered as a Trusted Certificate Authority (CA) in order for other devices and users to be able to access the Management Console or On-Prem Zone.

Where you can gather this certificate from will depend on if the Management Console or On-Prem Zone is configured to use a HTTP endpoint for certificate retrieval.

The application is using the HTTP endpoint

If the applications are using the HTTP endpoint then you will be able to access a certificate set up page where you will be able to download the certificate and access instructions for registering that certificate.

To access the certificate set up webpage you will need to go to you will need to navigate to the certificate set up URL in a HTTP protocol, this will be the domain URL of the Management Console or On-Prem Zone and /certificate-setup, e.g. http://managementconsole.com/certificate-setup.

Once you have registered the certificate you will need to restart the browser and then navigate to the Management Console or On-Prem Zone URL.

The application is not using the HTTP endpoint

If the applications are not using the HTTP endpoint then the SSL certificate will only be accessible when you are logged into the Management Console or On-Prem Zone.

The certificate will be available for download from the Deployment page when logged into the Management Console or On-Prem Zone:

Once downloaded you will need to distribute this to the devices that require access to the Management Console or On-Prem Zone.

On these devices you will need to register the certificate in the trusted certificate store for either the OS or the browser. The steps to do this will vary based on which OS or Browser you will be using, please follow the instructions below relevant for your operating system.

Operating Systems

Windows

  1. Download and save the certificate
  2. In the Windows Search bar type in Certificates and Select "Manage user certificates"
  3. In the left hand side bar expand the Trusted Root Certification Authorities
  4. Right click on Certificates and select All Tasks, the Import...
  5. Select Next in the Certificate Import Wizard
  6. Select Browse, then update the file type dropdown to All Files
  7. Locate and select the certificate, select Next
  8. The certificate store will be prepopulated with Trusted Root Certification Authorities
  9. Select Next, then Finish
  10. Restart the browser to apply these changes

macOS

  1. Download and save the certificate as a .pem
  2. Open the downloaded certificate file in Keychain Access
  3. You may be prompted to add this to the system keychain. You may be prompted to enter your password to complete this step
  4. Locate the certificate in Keychain Access
  5. Open the certificate details and expand the "Trust" section
  6. Update "When using this certificate" to "Always Trust"
  7. Exit the window and when prompted enter the device password
  8. Restart the browser to apply these changes

Linux

  1. Download and save the certificate as a .pem
  2. Open the terminal application and run the below commands:

    Ubuntu
    sudo cp ca.pem /usr/local/share/ca-certificates/realvnc-ca.crt
    sudo update-ca-certificates

    RHEL/Rocky Linux
    sudo cp ca.pem /etc/pki/ca-trust/source/anchors/realvnc-ca.crt
    sudo update-ca-trust
     
  3. Once you have installed the certificate, restart the browser to apply these changes.

Browsers

Chrome/Edge

  1. Download and save the certificate as a .pem
  2. Open Chrome or Edge and enter the following into the browser:

    Chrome
    chrome://settings/certificates

    Edge
    edge://certificate-manager/
     
  3. Select Manage imported certificates from Windows
  4. Select the Trusted Root Certification Authorities tab, then Import
  5. In the Certificate Import Wizard, select Next
  6.  Select Browse, and find and select the downloaded certificate
  7. Select Next, the store location should already be pre-selected as Trusted Root Certification Authorities, if not update the Certificate Store field to this
  8. Select Next, then Finish
  9. Restart the browser to apply these changes

Firefox

  1. Download and save the certificate as .pem (must be saved as a certificate authority certificate)
  2. Open Firefox and enter the following into the browser:
    about:preferences#privacy
     
  3. Scroll down to the Certificates section and select View Certificates
  4. The window should open on the Authorities tab, if not select the Authorities tab
  5. Select Import and select the downloaded certificate
  6. Check the Trust this certificate for identifying websites field
  7. Select Ok
  8. Restart the browser to apply these changes
Was this article helpful?
0 out of 0 found this helpful

Comments

0 comments

Article is closed for comments.