How to configure client machines when F-Secure Endpoint Proxy is using self-signed certificates for testing purposes This article describes how to configure client machines when self-signed certificates are in use with F-Secure Endpoint Proxy, also known as Policy Manager Proxy (PMP).
If, for testing purposes, you have decided to use a self-signed (not trusted) certificate, you need to add the certificate as trusted on every client machine that is working together with the Proxy. Otherwise, the Software Updater is not able to establish a connection with the Proxy, as the connection is untrusted.
Important: These instructions are only for testing purposes. Using self-signed (not trusted) certificates is a less secure way to serve installation packages and should by no means be used in real systems. To use a trusted certificate with F-Secure Endpoint Proxy, see this article.
To set up the environment for the client, you need to open the Microsoft Management Console. Do this as follows:
- Open the Start menu.
- Type in
mmc, and run the command with administrator privileges. - In the Console, go to File, then from the menu, select Add/Remove Snap-in.... The Add/Remove Snap-in... window opens.
- On the left side menu, select Certificates, then select Add and OK.
- In the tree pane on the left, go to Console Root > Certificates > Trusted Root Certification Authorities > Certificates.
- Right click your mouse on Certificates and select All Tasks > Import....
- Follow the wizard and choose your generated CA certificate* to add the certificate as trusted for the client. *A CA certificate is a digital certificate issued by a certificate authority.