You are viewing limited content. For full access, please sign in.

Question

Question

Unsecured Laserfiche web access login page

Web Client
Updated November 14
asked on November 13

We're experiencing issues with the web access and Forms login pages displaying as "not secure." Although we've created a self-signed SSL certificate on the PC hosting the Laserfiche Server and Forms, the site still shows as non-secure.

We need assistance on securing the site for login access, both within and outside the domain, to ensure a secure connection for all users.

Screenshot 2024-11-13 175219.gif
Screenshot 2024-11-13 175219.gif (73.29 KB)
Download
0 0

Replies

replied on November 13

In the context of SSL certificates, "self-signed" is really a synonym for "untrusted" and should not be used. There's a good discussion in this thread https://answers.laserfiche.com/questions/220733/Simple-stepwise-Guide-for-installing-SSL.

I don't think that thread touches on using an IP address for a hostname, but that is also a problem as you won't be able to get a trusted certificate issued for it. You need to set up an actual dns name for that host.

4 0
replied on November 14

You need to set up an actual dns name for that host.

Set up and use. That means configuring it in both the Web Client Configuration and FormsConfig settings so that they use the fully-qualified name (like "lf.example.com") and not the IP address. The trusted SSL / TLS certificate must cover this fully-qualified name.

0 0
replied on November 13

Self-signed certificates are only trusted by the machines that have installed the self-signed certificate on them. So unless you have manually installed the certificate on all of your users' machines or pushed it out using group policy, they aren't going to trust the certificate and will receive the error you are seeing. In short, self-signed certificates should be avoided 99.9% of the time.

I would also highly recommend that you use a machine name or alias for the host name and not the IP address.

4 0
You are not allowed to follow up in this post.

Sign in to reply to this post.

Details
Attachments
Related Posts
Loading ...