Show Hide

 

Feedback

  • Contents
 

Subsystem Certificates

Use this page to choose which certificates are trusted and untrusted by the CIC server. Subsystems with new or untrusted certificates will not be allowed to connect to the server until they are trusted.

Show

Select what certificates to display by choosing one of the following options on the pull-down menu:

  • All Certificates

  • New Certificates

  • Trusted Certificates

  • Untrusted Certificates

Trusting remote subsystem certificates

Remote CIC subsystem servers, such as Interaction Media Server, Automated Speech Recognition Server, and remote Session Manager Servers, send their trusted certificate to the CIC server when establishing a connection to the Notifier subsystem. As a safety precaution, a CIC administrator must deliberately trust the certificates from these remote subsystems before they can establish a connection.

To trust a new certificate from a remote subsystem:

  1. On the Connection Security page, click on the Configure subsystem certificates… link.

    Or...

    On the Certificate Management page, click on the Modify… button for Subsystem Certificates Configuration.

  2. On the Subsystem Certificates dialog, select All Certificates or Untrusted Certificates on the drop-down list to display the certificates in an untrusted state.

  3. In the State column, select the desired "Untrusted" application certificate click the Trust button, then click Close.

Notes: Some subsystem connections are trusted automatically when run on the CIC server, so no intervention from a CIC administrator is required.  When Setup Assistant runs on a CIC server, it creates a subsystem connection to Notifier and automatically registers and trusts a client certificate.  In the case of a switchover pair, running Setup Assistant on both CIC servers auto-matically registers and trusts their client certificates.

If a remote subsystem server is compromised or is taken out of service, you may need to tell the CIC server to stop trusting a certificate from that server, or delete that certificate once it is obsolete. When you revoke or delete a certificate, CIC terminates any subsystems using the certificate.