SSL self signed certificates

In order to use SSL or TLS for any service you must install a server certificate. This can be done by purchasing a certificate from a trusted certificate vendor or by installing a self signed certificate.

A self signed certificate allows secure communication without the cost of purchasing a certificate. However, the certificate cannot be verified by a users client or browser and will display a warning. The user must then select to continue with the certificate despite the trust warning.

Creating a self signed certificate

We have often been asked why we do not supply a certificate that can be installed on your PC to run WebMail etc.

There are various reasons but the main one is that you should use a real certificate that is unique to your installation.

It is simple to do this and to make life easier we have put the required files into a self extracting zip file and included a batch file to run in order to create and install a self signed certificate. You can then use this certificate in FTGate.

Please note that using SSL does slow down all services that use it due to the overhead of encryption. So if you only use a service over the LAN there is no point in using SSL.

You can download the zip from here:

Download the file and run it, store the files in a known location.

Then use the DOS command box to run the batch file with a single argument with the server domain name you wish to use. e.g.

cert www.myserver.com

This will create and install a certificate called www.myserver.com

You should make this name the hostname of your computer as typed in your browser.