A security shield icon on the Metasys server or SCT login and user interface screens indicate the encryption state:
- Green Shield: the connection is encrypted and trusted
- Orange Shield: the connection is encrypted, but not trusted
- Red Shield: the connection is encrypted, but the security level cannot be verified
To deploy a trusted server certificate at the Metasys server or SCT computer, follow Steps 1-3. Then, if the IT department or CA has provided separate files for the root and intermediate certificates, follow Step 4. Also follow Step 4 if you need to establish a trusted relationship between the client computer and the Metasys server and SCT computer. If you want to establish encrypted and trusted communication between the Metasys server and network engines, follow Step 5, which explains how to set the Site Security Level. Lastly, perform Step 6 if you want to verify all certificates are in place.
- Requesting a server certificate
- Completing a server certificate request
- Binding the secure certificate
- Importing root and intermediate certificates
- Setting the Site Security Level to Encrypted and Trusted
- Verifying the server certificate chain
For details on how to remove or rebind a secure certificate, see Removing or rebinding the secure certificate. For details about how to remove a self-signed certificate from the certificate store, see Removing the self-signed certificates in the certificate store. For details on renewing an existing certificate, see Renewing an Existing Certificate. For details on certificates from a third-party certificate authority, see Requesting certificates from a third party certificate authority. For details about managing certificates on network engines, refer to SCT: System Configuration Tool Help (LIT-12011964).
Lastly, this appendix describes how to use two special security attributes that you set in the site object of the Site Director: Site Security Level and Advanced Security Enabled. See the following sections for details: