On the computer on which the SmartAuditor Server is installed, the IIS
Web server sends its server certificate to the client when establishing an SSL
connection from the SmartAuditor Agent, SmartAuditor Player, or SmartAuditor
Policy Console. When receiving a server certificate, the SmartAuditor Agent,
SmartAuditor Player, or Policy Console determines which Certificate Authority
(CA) issued the certificate and if the CA is trusted by the client. If the CA
is not trusted, the certificate is declined and an error is logged in the
Application Event log for the SmartAuditor Agent or an error message appears to
the user in the SmartAuditor Player or Policy Console.
A server certificate is installed by gathering information about the
server and requesting a CA to issue a certificate for that server. You must
specify the correct information when requesting a server certificate and ensure
the server name is specified correctly. If the fully qualified domain name
(FQDN) is used for connecting clients (SmartAuditor Agent, SmartAuditor Player,
and Policy Console) the certificate information specified to the CA must use
the FQDN of the server rather than the NetBIOS name. If you specify NetBIOS
names, do not specify the FQDN when requesting a server certificate. Install
the server certificate into the local server’s certificate store. Install the
issuing CA certificate on each connecting client.
Your organization may have a private CA that issues server
certificates that you can use with SmartAuditor. If you are using a private CA,
ensure each client device has the issuing CA certificate installed. Refer to
Microsoft documentation about using certificates and certificate authorities.
Alternatively, some companies and organizations currently act as CAs, including
VeriSign, Baltimore, Entrust, and their respective affiliates.
All certificates have an expiration date defined by the CA. To find
the expiration date, check the properties of the certificate. Ensure
certificates are renewed before the expiration date to prevent any errors
occurring in SmartAuditor.
The SmartAuditor installation is configured to use HTTPS by default
and requires that you configure the default Web site with a server certificate
issued from a CA. If you need instructions for installing server certificates
in IIS, consult your IIS documentation.