Creating a Temporary Certificate for Client Installation
When you install a new client, you need to manually generate a temporary certificate to authenticate the installation. Once the temporary certificate is validated during installation, the client certificate is automatically created.
For a CommServe computer to be able to generate a temporary certificate for a client, it must first have a placeholder for that client. Use this procedure to create a placeholder for a new Windows client, and then to generate the certificate to be used during installation.
Before You Begin
You must enable client certificate authentication on the proxy client. For instructions, see Enforcing Client Certificate Authentication on the Proxy.
- From the CommCell Browser, right click the Client Computers node and click New Client > File System > Windows.
- Enter the Client Name and Host Name of the new client computer, then click Next.
- Review the client details and click Finish.
The new client computer appears in the CommCell Browser, with a gray icon to indicate its placeholder status.
Note: If the client or the CommServe is behind a firewall, be sure to configure the firewall properties of these components, and push the firewall configuration to the CommServe. For the steps to configure the appropriate firewall connection, see Firewall Using Direct Connections.
- On the Home tab of the CommCell Console toolbar, click Control Panel > Certificate Administration > Temp Certificate.
- Select the name of the client you created above from the Client Name list and click Create. The client certificate appears in the text box.
- Click Copy to Clipboard, then paste the contents into a new file, such as client1_cert.txt.
- Store the temporary certificate file where the client can access it during software installation, such as a network share or portable drive.
- Important: Once you close the Temporary Certificate dialog box, the certificate cannot be retrieved. Be sure to save the file you copied the certificate into.
- Click Close.
- In the Certificate Administration dialog box, the certificate for the new client is displayed with the "active" status in the list of client certificates. Click OK.
- Start the software installation process on the client computer.
- When the installer requests the certificate to authenticate the new client identity, click Browse and navigate to the file containing the temporary certificate that you created.
- Select the client name and host name that you provided during the configuration of the placeholder in Step 2.