On the computer on
which the Session Recording Server is installed, the IIS Web server sends its
server certificate to the client when establishing an SSL connection from the
Session Recording Agent, Session Recording Player, or Session Recording Policy
Console. When receiving a server certificate, the Session Recording Agent,
Session Recording Player, or Policy Console determines which Certificate
Authority (CA) issued the certificate and if the CA is trusted by the client.
If the CA is not trusted, the certificate is declined and an error is logged in
the Application Event log for the Session Recording Agent or an error message
appears to the user in the Session Recording Player or Policy Console.
A server certificate
is installed by gathering information about the server and requesting a CA to
issue a certificate for that server. You must specify the correct information
when requesting a server certificate and ensure the server name is specified
correctly. If the fully qualified domain name (FQDN) is used for connecting
clients (Session Recording Agent, Session Recording Player, and Policy Console)
the certificate information specified to the CA must use the FQDN of the server
rather than the NetBIOS name. If you specify NetBIOS names, do not specify the
FQDN when requesting a server certificate. Install the server certificate into
the local server’s certificate store. Install the issuing CA certificate on
each connecting client.
may have a private CA that issues server certificates that you can use with
Session Recording. If you are using a private CA, ensure each client device has
the issuing CA certificate installed. Refer to Microsoft documentation about
using certificates and certificate authorities. Alternatively, some companies
and organizations currently act as CAs, including VeriSign, Baltimore, Entrust,
and their respective affiliates.
have an expiration date defined by the CA. To find the expiration date, check
the properties of the certificate. Ensure certificates are renewed before the
expiration date to prevent any errors occurring in Session Recording.
Recording installation is configured to use HTTPS by default and requires that
you configure the default Web site with a server certificate issued from a CA.
If you need instructions for installing server certificates in IIS, consult
your IIS documentation.