Communication between client and server is always symmetrically encrypted. Most of our customers run SmartNotes "on premise" in their own company network. For this scenario, this type of encryption is sufficient. As a further option for customers with a SmartNotes server outside their own company network, we have now implemented encryption via SSL. For communication, a key pair is exchanged between the SmartNotes server and the SmartNotes client.
Section |
---|
Column |
---|
|
|
Column |
---|
| To create the certificate on the SmartNotes server please start the Microsoft Management Console (Run -> mmc). In the opened window please open the File tab and click on "Add/Remove Snap-In". |
|
Section |
---|
Column |
---|
|
|
Column |
---|
| Please select the Certificates item here and add it via the center button |
|
Section |
---|
Column |
---|
|
|
Column |
---|
| Now please select the computer account and complete the certificate setup in the next step. |
|
Section |
---|
Column |
---|
|
|
Column |
---|
| Now you see in the tree structure on the left the new item "Own certificates" click right on this menu item and select "Request new certificate". |
|
Section |
---|
Column |
---|
|
|
Column |
---|
| Now continue creating the certificate until you get the registration policy. Now select the "Computer" item, expand it and open the properties. |
|
Section |
---|
Column |
---|
|
|
Under the item "Private key", the checkbox "Make private key exportable" must be set. After that, the change can be applied and the key can be registered. |
Section |
---|
Column |
---|
|
|
Column |
---|
| You should now be able to see the newly created certificate in the overview. Since SmartNotes requires a unique name of the certificate, you can also assign an alias. This step is optional and only needs to be done if multiple certificates with the same name exist. You can store the alias with a right click on the certificate under the properties. |
|
Section |
---|
Column |
---|
|
|
Column |
---|
| Now the certificate can be exported. This certificate must be stored on the individual clients in the next steps. |
|
Section |
---|
Column |
---|
|
|
Column |
---|
| In order for the certificate to be deposited on the clients, exporting of the private key must be enabled. The certificate should be created as PKCS #12 (.PFX) in the next step. |
|
Section |
---|
Column |
---|
|
|
Column |
---|
| Exporting the certificate requires the entry of a password. The server certificate must subsequently be imported on all clients that are to receive a connection to the SmartNotes server. |
|
|