Importing Security Certificates
Importing security certificates for HTTPS connections to the Biz server
The Civic Platform Biz server is installed with a self-signed certificate by default. For HTTPS connections from component IIS servers (such as Citizen Access, Mobile Office, Accela GIS, and Accela Gateway) to the Biz server, your agency can choose to either:
-
Use the default Biz server self-signed certificate, which must be imported to the trusted certificate store on the component IIS server(s).
-
Certificates that are to be added to the Civic Platform's Biz server must now also be registered in the applications Java KeyStore. See Administrator Guide > Appendix: Security Enhancements > TLS Compliance > Configuration for more information.
- Get the Citizen Access server URL from the
web.configfile on the Citizen Access server's IIS root folder, as shown below:
- On a web browser, go to the Citizen Access server URL. When the browser
returns a security warning that the certificate cannot be verified,
click Continue to this website…:
- Click Certificate Error next to the address bar, then click
View certificates:
- On the Certificate window, click Install Certificate and
click OK. If this options is not enabled, close IE and run it
again as Administrator.
- Click Next, then on the Certificate Import Wizard window,
select Place all certificates in the following store, and click
Browse:
- Check the Show physical stores checkbox, expand Trusted Root
Certificate Authorities, select Local Computer”, and
click OK.
- Click Next, and then Finish to close the wizard.
- Go to the Citizen Access URL on the browser again to verify that the browser no longer returns a security warning.