Obtaining an SSL certificate

requires the .NET Framework. Because the .NET Framework requires secure HTTP transactions, you must obtain a digital certificate, which is an electronic document used to verify server identification and to encrypt communication between server and client. There are three ways to obtain an SHA-2 certificate:

  • Purchase one from a Certification Authority (CA)
  • Generate one from the internal certificate server (comes with Windows Server)
  • Create a self-signed certificate.

After February 14, 2017 Windows only trusts SHA-2 SSL certificates and SHA-1 Code-signing certificates time-stamped before 2016-01-01. For more information, see KB 1856530 for Microsoft Windows certificate cut-off dates.

Note: Observe these guidelines when you determine how to implement security certificates at your site.
  • When you order an SSL certificate, always specify the server name as a fully qualified domain name, for example, server.corp.com. All automated configuration and tooling in Infor Smart Office will assume that your certificate contains the fully qualified server name.
  • .NET Framework 4.5 does not allow non-trusted certificates to be accepted by users. Therefore, the application and the HTTP servers must be configured to use SSL.
  • An SSL certificate is created for a specific URL and HTTP server. It can not be reused on any other server.

The table shows the advantages and disadvantages of each mode of acquiring a certificate:

Mode of acquisition Advantages Disadvantages
Issued by a third-party vendor Applicable to clients from any domain. Additional expense; delivery time gap.
Issued by an in-house certificate authority. Inexpensive; automatically applies to all clients in the internal network. Configuration and maintenance of certification server is needed; applies only to domain clients.
Self-signed certificate Inexpensive and easy to use, especially for test environments. Not recommended because it is not as secure as certificates issued by a root certificate. The certificate must also be installed on every client machine in advance in order for Infor Smart Office to start.