IBM® Content Collector uses
the HTTPS protocol for network communication. This requires a certificate
for authentication. If you did not replace the default certificates
that were created by the web application server with
certificates signed by a trusted certificate authority, email clients
must accept a certificate for authentication when they contact the IBM Content Collector server.
About this task
The certificate testifies that a server really is the server
that a client wants to connect to. Important: Never use
self-signed certificates in a production environment. Replace the
self-signed certificates by certificates issued by a trusted authority
before running
IBM Content Collector in
a production environment.
Self-signed certificates can only be trusted
directly while certificates signed by a trusted certificate authority
have transitive trust. Transitive trust means that if the clients
trust parts of the certificate chain the trust relationship is extended
automatically to all parts of the certificate chain. In this case,
email clients do not need to accept a certificate for authentication
when they contact the IBM Content Collector server.
Procedure
To install a certificate:
- Open a web browser on the email client workstation.
- In the address field of the browser, type the following
URL:
http://ICC_Web_Server:11080/AFUWeb/init
where ICC_Web_Server is
the name of the IBM Content Collector web
server.
If you installed
part of the
Content Collector web
applications on an external
web application server,
you must use an HTTPS call to the
Configuration Web Service instead:
https://ICC_Server:11443/AFUConfig/Configuration?
type=ibm.ctms.configWebService&unique=default
where
ICC_Server is
the host name of the machine on which you installed the
IBM Content Collector Server.
A website with an error message is displayed. The message
varies depending on the web browser that you use.
- Follow the instructions for your web browser.
Restriction: Content Collector Outlook Web App does
not support Mozilla Firefox or Apple Safari.
| Browser |
Procedure |
|---|
| Microsoft Internet Explorer |
After you saw this message Your connection is not secured
with HTTPS, follow these steps:
- Click Continue to this website (not recommended).
- Click Certificate Error in the small field
next to the address bar.
- On the Certification Path tab of the Certificate window,
select the root certificate and click View Certificates.
- Click Install Certificate and click Yes when
you are asked whether you want to install the certificate.
- Press F5 to refresh the page. The certificate error in the address
bar disappears and a padlock icon is displayed, which indicates the
use of HTTPS. The main window of the browser shows the message:
Your
connection is secured with HTTPS.
Tip: If you
have problems installing the certificate when you use Internet Explorer,
check the setting of the Do not save encrypted pages to
disk option. To do so, click . Go to the security
settings on the Advanced tab and ensure that
the option is not selected.
- Restart your web browser.
|
| Mozilla Firefox |
After you saw this message This Connection is Untrusted,
follow these steps:
- From the options that are available on this website, select I
Understand the Risks.
- Click Add an Exception and accept the certificate.
The page in the browser window shows the message:
Your connection
is secured with HTTPS.
|
| Apple Safari on Mac OS |
After you saw this message Safari can’t verify the
identity of the website "ICC_Web_Server",
follow these steps:
- From the options that are available on this message window, select Show
Certificate.
- Select Always trust and click Continueaccept
the certificate.
- Enter your password to make the changes to your certificate trust
settings. The page in the browser window shows the message:
Your
connection is secured with HTTPS.
|