StifleR
2.10
2.10
  • Start Here - StifleR 2.10
  • Introduction
    • StifleR Overview
      • The StifleR Solution
      • Managing Microsoft Data Transfer Services
    • Technical Overview
      • 2Pint BranchCache Administrator Guide
    • Features Overview
      • Control
      • Monitor
      • Automate
      • Other Features
      • StifleR Feature Details
    • Release Notes
  • Proof of Concept
    • Objectives and Prerequisites
    • Configure Microsoft Peer-to-Peer Components
    • Install and Configure StifleR
    • Testing and Validation
    • StifleR POC Quick Checklist
  • Planning
    • StifleR Server Considerations
    • StifleR Client Considerations
    • Firewall Ports
    • Permissions
    • Antivirus Exclusions
    • Network Topology
    • StifleR Generic Concepts
      • Client Leader Roles
        • Red Leader
        • Blue Leader
        • Green Leader
        • Examples of Leader Selection
      • Templates
      • Beacons
  • Installation
    • Overview
    • Server
      • StifleR Server Installation
      • StifleR Dashboard Installation
      • StifleR Beacon Installation
    • Client
      • StifleR Client Installation
      • Post Installation Checks
  • Configuration
    • Configuration Files
      • StifleR Server Configuration File
        • Using the AppSettings Override File
      • StifleR Client Configuration File
      • StifleR Dashboard Configuration File
    • Configuring BranchCache on Windows Server
    • Configuring Delivery Optimization
    • Configuring LEDBAT on CM DPs
    • Configuring a Beacon Server
    • Configuring StifleR SQL History
    • StifleR Network Locations
      • Automatic linking of Location, Network Groups and Networks
      • Network Topology Automation
      • Location Fields
        • Network Group Fields
          • Network Fields
    • StifleRulez.xml Configuration Guide
      • The Match – TypeData
        • When the Job Title Isn’t Suitable
        • ConfigMgr Specific Rules
      • The Setting - DownloadTypes
        • Delivery Optimization Jobs
      • Sample StifleRulez.xml
    • Securing StifleR Operations with SSL
      • Prerequisites
      • Using a Web Server Certificate
        • Requesting a Web Server Certificate
      • Using a Self-Signed Certificate
      • Preparing the StifleR Dashboard Web Site for SSL
      • Configuring StifleR to Use SSL
      • Finding the Certificate Thumbprint
    • StifleR Client Access Control Options
  • Operations
    • Dashboard
      • Overview & Navigation
        • Home Page
        • Traffic & Downloads
          • Transfers & Downloads
            • How to use query hosts search?
          • Running Sequences
          • Weekly Downloads Activity
          • History
        • Devices
          • Clients
            • Client Details
              • How to use an extended search?
          • Servers
          • StifleR Server
            • Templates Detail
        • Cache Management
        • System Resource Usage
        • Network Topology
          • Maps
          • Countries
          • Locations
            • Bandwidth Allocations and Locations
          • Network Groups
          • Networks
        • Reporting & Diagrams
    • Client Management & Remote Tools
      • Remote PowerShell Session
      • Remote Performance Counter
      • Remote WMI Browsing
      • Remote Event Log Viewer
      • Remote Netmon Session
    • Monitoring
      • StifleR server health
      • StifleR client health
      • BranchCache Testing and Monitoring
    • Maintenance tasks
    • Bandwidth Management and Allocation
      • Bandwidth Tuning Monitoring and Control
    • Backup and Recovery
      • Moving the StifleR Server Databases to a New Drive on the Same Server
    • Troubleshooting
      • StifleR Client Command Line Options
      • BranchCache across Subnets
    • StifleR WMI Provider
Powered by GitBook
On this page
  • Creating the Self-Signed Certificate
  • Copy the self-signed Certificate to the Trusted Root Certification Store
  • Exporting a Self-Signed Certificate
  • Importing the Self-Signed Certificate on Clients
  1. Configuration
  2. Securing StifleR Operations with SSL

Using a Self-Signed Certificate

PreviousRequesting a Web Server CertificateNextPreparing the StifleR Dashboard Web Site for SSL

Last updated 3 months ago

If you don't have a web server certificate which has been issued by an internal or public Certificate Authority, but you'd like to test with SSL operations, you can create a self-signed certificate. This can be done within the Internet Information Services (IIS) Manager.

Once the self-signed certificate is created and clients are configured to trust it, you can follow the steps to .

Creating the Self-Signed Certificate

  1. Open IIS Manager (InetMgr).

  2. Select the Computer Name or root.

  3. Open the Server Certificates link.

  4. In the Actions pane, select Create Self-Signed Certificate.

  5. At the "Specify Friendly Name" dialog box, enter a friendly name and select the Personal store. Click OK to create the certificate.

Copy the self-signed Certificate to the Trusted Root Certification Store

Once you have a self-signed certificate, you need one more step to make the certificate trusted so that HTTP clients will accept it on your machine without error. The process involves copying the certificate from the personal store to the trusted machine store:

  1. From the Run command execute: certlm.msc.

  2. Go into Personal | Certificates folder and find your certificate.

  3. Right-click and copy the certificate, and paste it into the to Trusted Root Certification Authorities | Certificates folder.

Now that you have a self-signed server certificate, you must now install the certificate on your clients so they will trust the server certificate. To do this, you will have to export the self-signed certificate to a file.

Exporting a Self-Signed Certificate

Once you have a self-signed certificate, you can export it so it can be installed on clients:

  1. From the Run command execute: certlm.msc.

  2. Go into Personal | Certificates folder and find your certificate.

  3. Right-click the certificate, and in the context menu, select All Tasks | Export.

  4. At the "Certificate Export Wizard" click Next.

  5. At the "Export Private Key" screen, select Yes, export the private key, and click Next.

  6. Proceed through the rest of the wizard and the end result should be a .PFX file which can be imported on clients.

Note: In the Certificate Export Wizard, you will be asked to secure the certificate with a group or username or password. If automating the deployment of the certificate, using a group may be easier than a password, so the password is not exposed in whatever command you use to import the certificate on a client. If importing the certificate manually, a password is acceptable.

Importing the Self-Signed Certificate on Clients

For clients to trust the self-signed certificate on the StifleR Server, the exported certificate (.pfx) file will need to be imported into the following client LocalMachine certificate stores:

  • Personal\Certificates (My)

  • Trusted Root Certificate Authorities\Certificates

This can be done by using the certutil.exe -importpfx command or this can also be done via PowerShell using the following command:

#imports the certificate to the Personal Certificates (My) store
Import-PfxCertificate -FilePath <Path to .PFX file> -CertStoreLocation Cert:\LocalMachine\My
#imports the certificate to the Trusted Root Certificate Authorities store
Import-PfxCertificate -FilePath <Path to .PFX file> -CertStoreLocation Cert:\LocalMachine\Root

Configure StifleR to use SSL