How can I prevent the two SPS nodes of all our customers from displaying the certificate error on the login web page?
- Products
- Solutions
- Resources
- Trials
- Support
- Partners
- Communities
How can I prevent the two SPS nodes of all our customers from displaying the certificate error on the login web page?
Hi Dario,
SPS allows you to either use SPS generated certificates or upload external certificates from a trusted Certificate Authority in the customer's environment.
If using the internally generated certificates by SPS then you would need to add the internal SPS CA certificate to the Trusted Root CA Certificates.
Here is the Admin guide section for managing the SPS certificates:
Further down on that page is also a section titled (Uploading external certificates to One Identity Safeguard for Privileged Sessions (SPS)) which references using certificates issued outside of SPS for example if the customer as their own Certificate Authority.
Thanks!
The Information you shared above is great. I have been reading all you shared here. In this you explained everything very well. If i want any further guideline we will contact you here https://www.oneidentity.com/community/safeguard/f/forum/33628/sps-gosloto-certificate
Hello gosloto, sorry but i feel stupid! :-) if i want to use the SPS generated certificate i have to put the first certificate (following the link above) CA.X509 certificate in my personal certificate under trusted certificate in my pc? So every user have to do the same in own pc? But i think is recommended (if i understand right) that is better to upload in SPS (under Basic Settings --> Management --> SSL certificate) the customer certificate from their internal CA, right? and after upload it in SPS i have to upload it also in the personal certificate in own pc