SSL Certificates

A self-signed Server Certificate 'AP Platform Certificate' is provided on installation, but we strongly recommend that you use a publicly-signed Secure Sockets Layer (SSL) certificates instead.

Purchasing an SSL Certificate

SSL certificates provide an extra layer of server security that ensures that the connection between the Mobile Server and clients is protected from unauthorized users. It is strongly recommended to use SSL with ENPS Mobile, even when used entirely within your protected network.

Complete the following steps to obtain an SSL certificate:

  1. Generate a Certificate Signing Request (CSR) and save it to a text file. Instructions on generating a CSR can be found on various sites on the internet.

    When you enter the name of your website, do not enter a wildcard representing a wide domain name range, e.g. *.sitename.com. Instead, provide the name you have created specifically for the server that must be in the form of netbios.sitename.com.

  2. Purchase an SSL Certificate once you have the CSR. Contact your vendor directly for any SSL Certificate installation or support questions.

Generating a Certificate Request

To generate a certificate request, perform the following steps:

  1. On the server desktop, click the Start button.

  2. Click on Administration Tools.

  3. From the sub-menu, click on Internet Information Services (IIS) Manager.

  4. In the Connections pane on the left, click the name of your server.

  5. In the middle pane, double-click on the Server Certificates icon (in the IIS section of the pane).

  6. In the Actions pane on the right, single-click on Create Certificate Request.

    The Request Certificate wizard should open.

  7. Complete the form with the following information:

    You may not use the following characters in your responses:

    < > ~ ! @ # $ % ^ * / \ ( ) ? &

    • Common Name. The exact URL/address that your staffers will use to access your ENPS server from the field. Example: enps.wxxx.com or enpsmobile.wxxx.com

    • Organization. The name in which your domain legally registered. Must be the same name under which your domain name is registered.

    • Organizational Unit. Use this field to identify a group within your company. Something that is helpful for your tracking/record-keeping.

    • City/Locality. The full name of the city or village in which your company is registered/located. NOTE: Do not abbreviate.

    • State/Province. The full name of state or province in which your organization is located. NOTE: Do not abbreviate.

    • Country. The two-letter ISO country code for the country in which your company is legally registered.

  8. Click the Next button.

  9. For Cryptographic service provider, from the drop-down select Microsoft RSA SChannel Cryptographic Provider.

  10. For Bit length from the drop-down select: 2048.

  11. Click the Next button.

    The server is going to create a short text file that you will copy and send to your SSL Certificate Vendor to formally request your SSL certificate.

    In the space, type in the full path and name for how you want the text file to be temporarily written to your server. You may click on the ellipsis button to open a Save As dialogue box to guide your file naming. Give it a very obvious name so you can identify it easily.

    If you have used the Save As dialogue box, click the Open button.

  12. Click the Finish button.

Follow the directions from your SSL vendor for requesting your certificate. It will require copying the text from the file you just created.

Your SSL Certificate vendor will provide you with two files. Save them to someplace that you will remember on your ENPS Mobile server.

You'll install the SSL Certificate and enable SSL later in the Post-Installation steps.

Next Steps

Continue to the steps in Update Devices.