Installing the certification authority (CA) certificate for the sample website

OneSpan Authentication Server uses Secure Sockets Layer (SSL) connections. This means that the OneSpan Authentication Server sample website needs to connect to OneSpan Authentication Server via a URL starting with https. The certificate trust store of the OneSpan Authentication Server sample website includes the public key of the OneSpan Authentication Server certificate to validate the SSL connection.

You need to install the certification authority file for validating client SSL connections by OneSpan Authentication Server. The certification authority file is named ikey_soap_serverca.pem and is located in the OneSpan Authentication Server binary folder. By default, that is %PROGRAMFILES%\VASCO\IDENTIKEY Authentication Server\bin.

Before you begin

Ensure that you have successfully installed the sample website package (see Installing the sample authentication website).

Installing the certificate for the sample website

To install the private certificate file via Microsoft Management Console

1. Start the Microsoft Management Console by typing mmc in a Command Prompt window.

2. If the Console Root tree does not contain the Certificates snap-in, add the snap-in by doing the following:

   1. Select File > Add/Remove Snap-In.

   2. Click Add.

      The Add Standalone Snap-in dialog appears.

   3. Select Certificates and click Add.

      The Certificates snap-in dialog appears.

   4. Select Computer account and click Next.
   5. Select Local Computer: (the computer this console is running on) and click Finish.

      Selecting any setting other than Local Computer: (the computer this console is running on) will cause the SDK sample website (and any other websites created by the SDK) to fail.

      This will return you to the Add Standalone Snap-in dialog.

   6. Click Close to return to the Add/Remove Snap-in dialog.

      There should now be a Certificates (Local Computer) entry in the Add/Remove Snap-in dialog

   7. Click Ok to return to the Microsoft Management Console.

3. Select Certificates (Local Computer) > Trusted Root Certification Authorities entry from Console Root of the Microsoft Management Console snap-in.

   

   Figure: Private certificate file installation via MMC – Certificates (Local Computer)

4. Right-click Certificates in the Object Type pane and select All Tasks > Import from the context menu.

   The Certificate Import Wizard appears.

5. Verify that Store Location is set to Local Machine and click Next.

   

   Figure: Private certificate file installation via MMC – Select Store Location

6. Click Browse and navigate to the required certification authority file.

   

   Figure: Private certificate file installation via MMC – File to Import

   The certification authority file is named ikey_soap_serverca.pem and is located in the OneSpan Authentication Server binary folder. By default, that is %PROGRAMFILES%\VASCO\IDENTIKEY Authentication Server\bin.

7. Select Place all certificates in the following store and ensure that Trusted Root Certificate Authorities is selected. Otherwise, click Browse and change it accordingly via the Select Certificate Store dialog.

   

   Figure: Private certificate file installation via MMC – Certificate Store

8. Click Next.
9. Click Finish.

   If a confirmation message box pops up, click OK.

10. Refresh the view of the Certificates folder within the Microsoft Management Console to confirm that the OneSpan Authentication Server certification authority is listed.
11. Close the Microsoft Management Console.