cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Highlighted
babu19
Occasional contributor

Self signed certificate in Local license server.

Hi All,
I am using a self-signed certificate to configure my local license server. On client side, I am using C library. I exported the HTTPS certificate from the browser, and trying to use in the client machine.

On windows, its easy, I imported the certificate to the Windows Trusted store and my product is working fine.

On Linux (Redhat 7), I tried many options, but nothing is working. Can you please help how to identify the correct system trusted store Flexnet library using?

0 Kudos
3 Replies
Flexera tphamda
Flexera

Re: Self signed certificate in Local license server.

If you are using the C XT kit, you can implement the FlxCommSetSSLCertificatePath() API to explicitly specify the certificate file you want to use. If you do this, make sure that the specified file resides on the client machine and that the certificate is in a PEM (trusted) or cert (untrusted) format.

0 Kudos
babu19
Occasional contributor

Re: Self signed certificate in Local license server.

Hi @tphamda 

Thank you for replying.

Using  FlxCommSetSSLCertificatePath() is one solution, but  I am trying to avoid using a specific file here and use the default trusted certificate store to obtain the certificate.

As I mentioned, on Windows it is easy. we can import the certificate to Window's trusted storage and the flexnet library will use it.

I am looking the similar solution in Linux, but not sure where import the certificate. I don't see any document related to this. Flexnet client lib should be using a default trusted store to get the certificates.

Thanks 

0 Kudos
Flexera tphamda
Flexera

Re: Self signed certificate in Local license server.

If you install the root certificate using platform-specific instructions, then you should be able to avoid having to use FlxCommSetSSLCertificatePath().  Of course, not all Linux systems handle certificates in the same way. From what I can gather, FNE uses cURL libraries which has CURLOPT_CAPATH set to "/etc/ssl/certs" on Linux. 

0 Kudos