| Agile Product Lifecycle Management Security Guide Release 9.3.6 E71146-01 |
|
 Previous |
The section describes how to set up AutoVue 21.0.1 for HTTPS for various browsers.
Use Microsoft Windows built-in certificate store. If the certificate is imported for one browser, it will also be available for the other. Windows provides a certmgr utility, which can be used to remove certificates from the store.
Copy localhost.cer from the web accessible location to the client machine. For example, <AutoVue Install Dir>\tools\localhost.cer.
Double-click the localhost.cer file to open it.
Click the Install Certificate button. The Certificate Import wizard begins.
Click the Next button to run the import process.
Select the Place all certificates in the following store option and click the Browse button to select the Certificate Store.
Select the Trusted Root Certification Authorities store, click OK, then click the Next button.
When you click the Finish button to complete the process, a Windows popup dialog appears to warn about the risk to install such a certificate. Accept it with the Yes button:
Close the initial certificate dialog. The installation is complete.
Mozilla Firefox uses its own certificate store instead of the Windows certificate store. The procedure to add a certificate for Firefox requires the use of additional tools. There are various tools that can be used to import a certificate into the Firefox certificate store. Refer to https://wiki.mozilla.org/CA:AddRootToFirefox for details.
As mentioned in the Mozilla wiki page, Mozilla is planning to accept the certificates stored in the Windows Store beginning from version 52, which is scheduled for March 7th, 2017. Then, the procedure described above for Chrome and Internet Explorer will work for Firefox, as well. Meanwhile, you can either use CCK2 Firefox Add-On or the certutil utility to import the certificate into the Firefox store. The following sections describe how to use each of these tools to import the certification in Firefox store.
The following steps describe how to use the CCK2 tool to import a certificate:
Open Firefox and download a free version of CCK2.
Copy localhost.cer from the web location to the client.
Click the Allow button when prompted to allow the installation of the Add-On for your browser, then click Install, and then click the Restart Now button to restart Firefox.
A new button 
is added to the right side of the browser address bar.
Click on the new CCK2 button. A dialog window is displayed
Click the New button to create a new CCK2 configuration. A new window appears.
Fill in a Name and a unique Identifier.
In the next window, CCK2 wizard starts on the About page. Fill in the Description field, Version, and provide an Output Directory.
In the left pane, scroll down and select Certificates.The Certificates page appears in the wizard window.
Click the Add File button and browse for localhost.cer certificate. Select and add the file.
In the Certificates window, select all the three check-boxes with the Trust this CA to issue server certificates option. Click OK.
In the left pane of the main wizard window, scroll down to the last item in the list, Finish, and select it. The Finish page appears.
Click the Use AutoConfig button. A popup should confirm the successful creation of the CCK2 configuration with a message like "CCK2 Creation is complete and available at: <selected Output Directory>".
Close Firefox and the CCK2 Wizard. The flowing elements should be created under the selected output directory:
cck2.config.json file
autoconfig.zip
firefox folder
Unzip the contents of the autoconfig.zip file to the directory where Mozilla Firefox executable files are saved. This is typically C:\Program Files (x86)\Mozilla Firefox. The following files should added to the Mozilla directory:
cck2.cfg file
cck2 folder
defaults folder
The certificate installation is complete. Restart Firefox and test.
You can now remove the CCK2 Add-On and its output directory, if desired.
The following steps describe how to use the certutil utility tool to import a certificate:
Close the Firefox browser.
Download the Network Security Services Tool that contains the certutil utility from Mozilla. Unpack the ZIP file containing the certutil utility into a new directory on the client machine.
Copy the localhost.cer file from the web location to the new folder.
Find the cert8.db file under your Firefox profile, %USERPROFILE%\AppData\Roaming\Mozilla\Firefox\Profiles\xxxxxxxx, in your home directory.
Open a command prompt window and go to the folder on which you unpacked the certutil utility. Run the following command:
certutil -A -d %USERPROFILE%\AppData\Roaming\Mozilla\Firefox\Profiles\xxxxxxxx -i localhost.cer -n localhost -t "C,,"
|
Note: There is another certutil utility on Microsoft Windows which is in the path. Be careful to call the unpacked Mozilla certutil utility either directly from the scratch directory where it is or by appending explicitly its whole path to prevent calling the Windows certutil. |
|
Note: To list Firefox certificates using this tool to confirm that you already installed it, run the following command:certutil -L -d %USERPROFILE%\AppData\Roaming\Mozilla\Firefox\Profiles\xxxxxxxx |
|
Note: To delete an existing certificate in order to replace it with the new one, run the following command:certutil -D -d %USERPROFILE%\AppData\Roaming\Mozilla\Firefox\Profiles\xxxxxxxx -n localhost |
Done. The certificate has been imported to Firefox successfully.
To import a certificate into Safari browser, complete the following steps:
Start Safari.
Open the localhost.cer file in Safari from its web accessible location to download the certificate to the client. For example, <AutoVue Install Dir>\tools\localhost.cer.
Double-click the downloaded localhost.cer file. Keychain Access opens. Add the certificate to the keychain.
Double-click the added local host certificate. Ensure that the Trust menu is expanded and set the value of the Secure Sockets Layer (SSL) field to Always Trust.
Close Keychain Access. The certificate has been imported.
