Security Certificates

Security certificates must be installed on all Workflow application server and client machines in your system.

Security certificates are used to protect your identifiable information and to protect your computers from unsafe software. A certificate is a statement verifying the identity of a person or the security of a website.

During the application installation process, certificates are automatically generated using the Workflow Certificate service. Alternatively, you can select a security certificate for the ProficyPlatform, Proficy STS, and SSL/TLS server services.

You can configure the following types of certificates:

  • Self-signed certificates generated during the installation process.
  • Existing certificates that you installed and configured for a previous version of the application.

The Workflow client computer must verify and trust the identity of the server before it can securely send a user's login and password credentials and complete the authentication process. To establish this trust, the client must trust the root of the server's certificate. That is, the client must have the certificate of the Certificate Authority (CA) that issued the server certificate in their Trusted Root Certificate Authorities store.

When you generate new certificates or use existing certificates, the following steps will occur.
  • Install a trusted root certificate.
  • Install a certificate to a Certificate Store (by default, the Personal Certificate Store).
  • Install generated self-signed certificates to the proper Certificate Store(s).
  • Register the SSL certificates to IP ports assigned to the Workflow application server.
  • Provide the option to use existing certificates configured for a previous version of the application.
Important: The SSL/TLS Server Certificate must be unique to each server.

For information on changing or updating security certificates post-installation, see Modify security certificates.