Install self-signed certificates on PC

Install self-signed certificate on PC (Windows)

If you enable TLS on your S3 server and your CANedge1 via a self-signed certificate, your browser/PC will typically not recognize the self-signed certificate. Hence you’ll see warnings in your browser - and e.g. the MinIO client and our OTA batch manager tool may not work.

To solve this, you can add the certificate to your PC’s trusted list via the below steps:

  1. Open the command prompt from your start menu (type cmd then enter), then enter mmc
  2. In the Microsoft Management Control window, open File/Add/Remove Snap-in...
  3. From the list select Certificates, then Add. Select Computer account, Next and Finish
  4. In the main view, right-click Trusted Root Certification Authorities and click All Tasks/Import
  5. Browse to your public.crt self-signed certificate and add go to Finish
  6. Verify that your browser no longer warns you when accessing the TLS-enabled MinIO server

Install self-signed certificate on PC (Linux - tested with Ubuntu 19.04)

  1. Create a new certificate directory (e.g. s3_cert): $ sudo mkdir /usr/local/share/ca-certificates/s3_cert

  2. Copy the public server certificate to the new directory: $ sudo cp public.crt /usr/local/share/ca-certificates/s3_cert

  3. Load the new certificate:

    $ sudo update-ca-certificates
    Updating certificates in /etc/ssl/certs...
    1 added, 0 removed; done.
    Running hooks in /etc/ca-certificates/update.d...
    done.