FileCloud runs on Apache web server.
- Apache server can be configured to serve the website securely using HTTPS protocol.
- To enable the HTTPS protocol, you will need an SSL certificate.
If you are using Active Directory and want to:
- Add AD users
- Change AD passwords
- Secure the connection to Active Directory
Then you will need to configure additional settings and also install an SSL certificate on the AD server.
This topic does not relate to securing connections with your AD Server.
SSL (Secure Sockets Layer) is the standard security technology for establishing an encrypted link between a web server and a browser. This link ensures that all data passed between the web server and browsers remain private and integral. SSL is an industry standard and is used by millions of websites in the protection of their online transactions with their customers.
To be able to create an SSL connection a web server requires an SSL Certificate. When you choose to activate SSL on your web server you will be prompted to complete a number of questions about the identity of your website and your company. Your web server then creates two cryptographic keys - a Private Key and a Public Key.
The complexities of the SSL protocol remain invisible to your customers. Instead their browsers provide them with a key indicator to let them know they are currently protected by an SSL encrypted session - the lock icon in the lower right-hand corner, clicking on the lock icon displays your SSL Certificate and the details about it. All SSL Certificates are issued to either companies or legally accountable individuals.
To enhance the security of the Root certificate, two intermediate certificates are created from which SSL certificates are signed and issued.
- An intermediate certificate is a subordinate certificate issued by the trusted root specifically to issue end-entity server certificates.
The result is a certificate chain that begins at the trusted root CA, through the intermediate and ending with the SSL certificate issued to you. Such certificates are called chained root certificates.
Creating certificates directly from the CA root certificate increases the risk of root certificate compromise, and if the CA root certificate is compromised, the entire trust infrastructure built by the SSL provider will fail. The usage of intermediate certificates for issuing SSL certificates to end entities, therefore, provides an added level of security. You must install the intermediate certificate in your Web server along with your issued SSL certificate to complete the trust chain and allow the certificate to be effective.
Once you’ve got your certificate files, seeing your file extension will allow you to know what’s in the file, and if you need to convert them.
Concatenated certificate container files
Frequently required for certificate installations when multiple certificates are being imported as one file.
The *.crt and *.cer file formats are interchangeable and contain the same information.
the *.crt file is a Microsoft convention and can be easily converted to *.cer.
An SSL certificate contains both:
*.key = the private key to the certificate
*.crt = the signed certificate
A file that contains root and intermediate certificates.
The chain is required to improve compatibility of the certificates with web browsers and other kind of clients.
This allows browsers to recognize your certificate so that no security warnings appear.
This is an archive file format for storing several cryptographic objects in a single file.
All this is wrapped up in a single file which is then protected with a pfx password.