Realm Server Certificates and Web Browsers

The realm server generates its own certificates. Web browsers detect and reject such self-signed certificates. Administrators can resolve this issue at the realm server, or at each individual browser.

A secure realm server generates an internal private key certificate, with which it identifies itself to client applications, web clients, utilities, and affiliated realm servers.

Web browsers recognize that the web certificate is not signed by a trusted root certificate, and warn users that it might compromise security. To circumvent this issue, choose from these strategies:

Realm server GUI users load the realm server’s trust store file, ftl-trust.pem, into the browser’s trusted certificate store.
Realm server GUI users respond to the browser’s warning by explicitly trusting the realm server’s web certificate.

Related concepts

Trust File

Running a Secure Realm Server

Related reference

Keystore File Password Security

Contents

Index

Search Results

Realm Server Certificates and Web Browsers