help Cross-network connectionsInternet connection via SwyxRemoteConnectorRequirementsUsing Digital certificates for RemoteConnector › Manually generated certificates
Manually generated certificates
You can also manage certificates entirely manually. In this case, you'll have to take care of the procurement of root certificate, server certificate and all client certificates yourself. It is possible to utilize a self-signed root certificate.
The server certificate and all client certificates must be signed with the root certificate. You have to install the server certificate inside the server's Windows certificate storage, and the client certificates in the Windows certificate storages on the client PCs. SwyxWare saves only one thumb print for selecting the matching certificate for the RemoteConnector connection.
The server certificate must be installed on the computer on which SwyxRemoteConnector is running.
The certificates must include the following extensions:
Certificate type
X509v3 extensions:
Root certificate
X509v3 Basic Constraints: critical
    CA:TRUE
X509v3 Key Usage:
     Certificate Sign, CRL Sign
Server certificate
X509v3 Basic Constraints:
    CA:FALSE
X509v3 Key Usage:
   Digital Signature, Non Repudiation, Key Encipherment
    X509v3 Extended Key Usage:
      TLS Web Server Authentication
Client certificate
X509v3 Basic Constraints:
      CA:FALSE
X509v3 Key Usage:
     Digital Signature, Non Repudiation, Key Encipherment
X509v3 Extended Key Usage:
     TLS Web Client Authentication
The certificates must be imported in the Windows certificate storage at the following position:
Certificate type
Range in certificate storage
Path in Windows certificate storage
Root certificate, public key only
Local computer memory
("Computer account")
Certificates (Local Computer) | Trusted Root Certificates | Certificates
Server certificate (including private key)
Local computer memory
("Computer account")
Certificates (Local Computer) | Personal - Certificates | Certificates
Client certificate (including private key)
 
Current user memory
("Own user account")
Certificates - Current User | Personal | Certificates
Last modified date: 08/20/2020