- Revenera Community
- :
- FlexNet Embedded
- :
- FlexNet Embedded Forum
- :
- Re: Self signed certificate in Local license server.
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Subscribe
- Mute
- Printer Friendly Page
- Mark as New
- Subscribe
- Mute
- Permalink
- Report Inappropriate Content
Self signed certificate in Local license server.
Hi All,
I am using a self-signed certificate to configure my local license server. On client side, I am using C library. I exported the HTTPS certificate from the browser, and trying to use in the client machine.
On windows, its easy, I imported the certificate to the Windows Trusted store and my product is working fine.
On Linux (Redhat 7), I tried many options, but nothing is working. Can you please help how to identify the correct system trusted store Flexnet library using?
- Mark as New
- Subscribe
- Mute
- Permalink
- Report Inappropriate Content
If you are using the C XT kit, you can implement the FlxCommSetSSLCertificatePath() API to explicitly specify the certificate file you want to use. If you do this, make sure that the specified file resides on the client machine and that the certificate is in a PEM (trusted) or cert (untrusted) format.
- Mark as New
- Subscribe
- Mute
- Permalink
- Report Inappropriate Content
Hi @tphamda
Thank you for replying.
Using FlxCommSetSSLCertificatePath() is one solution, but I am trying to avoid using a specific file here and use the default trusted certificate store to obtain the certificate.
As I mentioned, on Windows it is easy. we can import the certificate to Window's trusted storage and the flexnet library will use it.
I am looking the similar solution in Linux, but not sure where import the certificate. I don't see any document related to this. Flexnet client lib should be using a default trusted store to get the certificates.
Thanks
- Mark as New
- Subscribe
- Mute
- Permalink
- Report Inappropriate Content
If you install the root certificate using platform-specific instructions, then you should be able to avoid having to use FlxCommSetSSLCertificatePath(). Of course, not all Linux systems handle certificates in the same way. From what I can gather, FNE uses cURL libraries which has CURLOPT_CAPATH set to "/etc/ssl/certs" on Linux.