We have a machine for demos and would like to know how the SSL certificate would work for Discussions. Currently we have a self-signed certificate for LFDS and can view Discussions, but we'd like to be able to view discussions outside of the machine. The machine has a public IP and a public URL. Please advise on what type of SSL certificate will be needed. Will we need a certificate for IIS or for the web end?
Question
Question
Replies
This is not a Laserfiche question. Client machines need to be able to verify the authenticity of the certificate. This is done against the list of trusted authorities registered on the machine accessing the website. While inside of your domain, the certificate can be pushed to the client machines through group policy (therefore making it look legitimate to them), external machines will not be able to verify it. So the web browsers will display warnings about it. It would be up to the user to decide whether they want to register an exception for it or not.
You can likely get a free certificate from Let's Encrypt.
Will we need a certificate for IIS or for the web end?
I'm not sure what distinction you are making here. Can you clarify?
Since there's different types of SSL certificates, we're trying to determine if the SSL would need to be put on IIS or on the domain URL.
It would typically go on the IIS machine, but if you have a reverse proxy set up it might go there instead.