SSL certificate

The server where Web UI components are installed requires an SSL/TLS certificate, signed by the Certification Authority (CA). This can be a commercial CA, or, alternatively, you can configure your Windows Server to act as a CA by installing the Certification Authority role service of Active Directory Certificate Services (AD CS).

To ensure proper functionality and to prevent SSL/TLS Handshake Failed error messages, make sure that TLS 1.2 is enabled. For more information, refer to the following Microsoft topic:

https://docs.microsoft.com/en-us/mem/configmgr/core/plan-design/security/enable-tls-1-2-server#bkmk_protocol

Note: For test purposes, you can use a self-signed certificate generated on the server where Web UI is installed (for example, using PowerShell). In this scenario, you need to add this certificate to the Trusted Root CA store of each client machine that is going to access the server.

Important! Take note of the certificate expiration date, and set a reminder to maintain it. Upon expiration of the server certificate, users will no longer be able to sign in to Web UI.