Installing the Internal Root CA Certificate in a PCoIP Client¶
Your root CA certificate must be installed in any PCoIP client that will be used to connect to the PCoIP Agent.
Installing Root CA Certificates in the PCoIP Software Client for Windows¶
Root CA Certificate must have a .crt extension
You must change the root CA certificate's extension from .pem to .crt before installing it on a PCoIP Software Client.
Windows must trust your root certification authority
When you use your own private key and certificate, you must add your internal root CA certificate to the Windows Trusted Root Certification Authorities certificate store on the client computer.
Users without a trusted root CA will receive an Unable to get local issuer certificate error and fail to connect.
Active Directory group policies
For information on using Active Directory Group Policy to distribute certificates to client computers, see http://technet.microsoft.com/en-us/library/cc772491.aspx.
To import the root CA certificate for the PCoIP Software Client for Windows:
Copy your root CA certificate file (*.crt) to a directory reachable by your Windows client.
Open the Microsoft Management Console on the agent machine:
- Press + r to open the run dialog
- type mmc and press Enter.
Add the Certificates snap-in:
- Select File > Add/Remove Snap-in.
- Select Certificates from the Available snap-ins list and then click Add.
- Select My user account and then click Finish.
- Click OK.
Import the root CA certificate:
- Expand Certificates - Current User.
- Right-click on Trusted Root Certification Authorities, select All Tasks > Import from the context menu, and then click Next.
- Use the Browse button to navigate to the directory where your root CA certificate is located and select your root CA certificate.
- Click Open and then Next.
- Select the option to place all certificates in the Trusted Root Certification Authorities certificate store.
- Click Next and then Finish.
- At the security warning, click Yes.
After the certificate installs successfully, it appears in the Trusted Root Certification Authorities > Certificates list.