CONNX Data Integration Suite 14.8.0 | Administration Guide | CONNX REST Server | Securing the CONNX REST Server | Scenario 1 - Continued usage of the self-signed SSL certificates created by the CONNX REST Server
 
Scenario 1 - Continued usage of the self-signed SSL certificates created by the CONNX REST Server
The CONNX installation creates a self-signed certificate. Since the certificate is self-signed, and the Trusted Root Certificate is not recognized by any other PC, accessing the CONNX REST Server from other PCs in the environment requires additional steps on each of these PCs.
After installation, the self-signed certificate is installed and bound to the default port of 9500. If the installer detects that a certificate has already been bound to port 9500, the existing certificate is left alone and not replaced.
The self-signed certificate created by the installation can be found in your 64bit installation directory, under the openssl folder. The name of the file is DataSyncWebAPI.crt.
*To enable access to the CONNX Angular client on another PC:
1. Install the certificate under Trusted Root Certification Authorities.
a. Copy the ConnxWebAPI.crt from the CONNX server to the new PC.
b. Run certlm.msc as administrator.
c. Expand Trusted Root Certification Authorities in the left pane, right click on Certificates and select All Tasks -> Import.
d. Follow the steps in the Certificate Import Wizard to complete the certificate installation.
2. Configure Firefox for use with Self-Signed Certificates.
Since the trusted root certificate is self-signed, the Firefox browser will still issue a security warning. You can click Advanced -> Accept the Risk and Continue to dismiss it and continue to the CONNX REST Server site. To permanently suppress this message and eliminate the need to add an exception for the certificate, Firefox (must be version 68.8 or higher) must be configured to allow enterprise root certificates:
a. Open the Firefox browser.
b. Type "about:config" in the address edit box, and accept the risk of the issued warning.
c. Type "security.enterprise_roots.enabled" in the search field.
d. Double-click on the entry to toggle the value from false to true. Firefox may display a value of true for this setting even though it has never been changed. In this case, change the value to false and then back to true.
e. Close and restart the browser for the change to take place.
You should now be able to access the CONNX REST Server without the security warning appearing.