How do I fix the unsecure browser warning when accessing the PCoIP Management Console web interface?
Problem
When accessing the Management Console web interface the web browser displays a message such as "This site is not secure", "Your connection is not secure" or "Your connection is not private"
Cause
The web browser cannot validate the security credentials of the PCoIP Management Console web interface. The browser may not trust the certificate or the website address does not match the certificate.
The browser will never trust the default self signed certificate that ships with the PCoIP Management Console.
Resolution
There are a few reasons why the certificate may not be trusted.
- The default self signed certificate must be replaced with a certificate that is trusted by your web browser.
- The certificate used on the PCoIP Management Console has been revoked.
Note: Certificates signed by some public CA's such as Symantec are no longer trusted by web browsers.
Generate a new certificate and have it signed by a trusted CA. - You are accessing the PCoIP Management Console via the IP address when only the fully qualified domain name (FQDN) is in the subject or subject alternative name in the certificate. Use the FQDN instead or create a new certificate with the IP in the subject alternative name.
- The web browser doesn't trust the certification authority that signed the management console's certificate. Install the signing certification authority's certificate on your computer.
Installing the Certificate in Internet Explorer
To install the certificate in Internet Explorer
- Right-click the certificate file (*.pem), and then select Install Certificate.
- When the Certificate Import Wizard appears, click Next.
- Select Automatically select the certificate store based on the type of certificate. Click Next.
- Click Finish to complete the import. The certificate is now added to the Windows Trusted Root Certification Authorities certificate store.
- Restart Internet Explorer so that it rescans the Windows certificate store.
Installing the Certificate in Mozilla Firefox
To install the certificate in Mozilla Firefox (version 50.0)
- From the Tools menu, select Options.
- Click Privacy & Security scroll down to Certificates.
- Select View Certificates.
- From the Authorities tab, click Import.
- From the Select File dialog, select the certificate file (*.pem).
- From the Downloading Certificate dialog, select the Trust this CA to identify web sites checkbox, and then click OK. The certificate will appear in the list on the Authorities tab, click OK.
Note: In Firefox you can disable the certificate warnings by adding an exemption for the PCoIP Management Console. To do this, click I Understand the Risks on the This Connection is Untrusted warning page and follow the directions.
Installing the Certificate in Google Chrome
To install the certificate in Google Chrome. Chrome has stricter security requirements when it comes to certificates and you need to ensure both common name and alternate names are used. The alternate name should match the appliance name. For example if your FQDN of the management console is mymc.domain.com then ensure the alternate name matches.
- Click the Chrome menu on the browser toolbar.
- Select Settings.
- At the bottom of the page, click the Advanced link.
- In the Privacy and Security section, click Manage certificates.
- Select the Trusted Root Certification Authorities tab.
- Click Import.
- Click Next at the first Certificate Import Wizard screen.
- Browse to the certificate location, select the certificate file (*.pem), and then click Next.
- Select Automatically select the certificate store based on the type of certificate. Click Next.
- Click Finish.
Installing the Certificate in Microsoft Edge
As Microsoft Edge does not support viewing or adding certificates, you cannot install a PCoIP Management Console certificate into the browser.