previous
next
When you log on to Gateway Administrator, the browser connects to the Reflection Gateway Administrator server. When users log on to the Transfer Client, the browser connects to the Reflection Transfer Server. In both cases, the connection is made using HTTPS and the default configuration results in certificate warning messages.
Why you see certificate warning messages
When an HTTPS connection is established, the browser requires server authentication. By default, the Reflection Gateway servers send a self-signed security certificate to the browser for this purpose. (A self-signed certificate is signed by the same entity that it certifies.) The browser checks the digital signature in this certificate against its list of trusted Certificate Authorities (CAs) A server, in a trusted organization, which issues digital certificates. The CA manages the issuance of new certificates and revokes certificates that are no longer valid for authentication. A CA may also delegate certificate issuance authority to one or more intermediate CAs creating a chain of trust. The highest level CA certificate is referred to as the trusted root. . You see a certificate warning because the signer of the certificate is not in your browser's list of trusted CAs.
Managing certificates
Depending on where you are in your Reflection Gateway evaluation and configuration process, you can use any of the following approaches to manage server certificates.
Use the default self-signed certificates and ignore the certificate errors.
This option is appropriate during initial testing.
Configure your browser to trust the self-signed certificates.
This option is appropriate during initial testing. You might also choose this as a permanent option for the Gateway Administrator.
Make this change to the Reflection Transfer Server before you provide end users with URLs for launching the Transfer Client. This change enables Transfer Client users to connect securely without seeing certificate warning messages.