Jump to content

How do I install custom SSL cert for Polisy/Polyglot/pg3


Recommended Posts

Posted

Not a fan of using an untrusted cert in a browser.  Have have a wildcart cert for my domain that I would like to use.   Is there instruction on where they need to be installed?

I see various SSL installed, which one is used for the website?

/var/polyglot/pg3/ssl

/var/polyglot/ssl

 

Thanks,

Bill B.

Posted
1 hour ago, BillB66 said:

Not a fan of using an untrusted cert in a browser.  Have have a wildcart cert for my domain that I would like to use.   Is there instruction on where they need to be installed?

I see various SSL installed, which one is used for the website?

/var/polyglot/pg3/ssl

/var/polyglot/ssl

 

Thanks,

Bill B.

 

Posted (edited)

Pretty poor answer.   USI could at least document where they are putting the certs.    Their placement/naming is non standard.

Cost is a red herring when talking about user supplied certs other then the documentation effort.  

The thread is deep in opinions, but light on facts.   Managing/Issuing certs with Let'sEncrypt and ACME is trivial.  Took me about 15 minutes to set it up.  Then about a day to automate installation of the certs to QNAP, Plex, nginx, etc. 

https://letsencrypt.org/docs/client-options/

it's also free.  Far lower investment cost then using IoP.

Disappointed in the stance to say the least.

 

Thanks,

Bill B.

Edited by BillB66
added ACME.
  • Like 1
Posted
21 minutes ago, BillB66 said:

Pretty poor answer.   USI could at least document where they are putting the certs.    Their placement/naming is non standard.

Cost is a red herring when talking about user supplied certs other then the documentation effort.  

The thread is deep in opinions, but light on facts.   Managing/Issuing certs with Let'sEncrypt and ACME is trivial.  Took me about 15 minutes to set it up.  Then about a day to automate installation of the certs to QNAP, Plex, nginx, etc. 

https://letsencrypt.org/docs/client-options/

it's also free.  Far lower investment cost then using IoP.

Disappointed in the stance to say the least.

 

Thanks,

Bill B.

I think they are looking at things from a commercial standpoint vs individual user needs. 

Posted (edited)

Even my epson printer control panel supports custom SSL certs.    What is the target audience if certs are too complex, yet they still understand that a self signed cert is safe to click through.

 

Boggles the mind.

Edited by BillBinAz
Posted
11 minutes ago, BillBinAz said:

Even my epson printer control panel supports custom SSL certs.    What is the target audience if certs are too complex, yet they still understand that a self signed cert is safe to click through.

 

Boggles the mind.

It's not necessarily that they are too complex for people. UDIs concerns are probably different then epson's being that they cater to different situations.

With udi, they want to ensure that the different systems which encompass polisy/eisy are able to talk to one another. Being that they are a much smaller company, I'm sure they want to limit support calls due to someone not configuring their certs properly and breaking their system in the process. 

Posted
5 hours ago, BillB66 said:

Is there instruction on where they need to be installed?

Probably nothing to fit your need mentioned in the forums (as you said link shared by @lilyoyo1 didn't fit your need). So the best bet would be to open a support ticket directly with UDI and get information directly from them (if it's available). 

https://www.universal-devices.com/my-tickets

Honestly, I don't get the worry/concern. It's all internal so no traffic is leaving your network. Hope you get the answers to your questions.

Posted

Blame it on OCD, and Chrome's inconsistent behavior on letting you click through on an cert from an untrusted CA.

Good suggestion on a support ticket.  It may end up being a feature request based on how the Self Signed certs are being handled in pg3.  (just from looking at the setup)

Posted

You don't need to use https when accessing PG3, you can use unsecured http.  If you're accessing PG3 from your own network and you trust your network, then there's really no need for a secure connection.

Posted (edited)

True, I don't need to run HTTPS.   I would like to, and Polisy is built on a platform that supports a robust infrastructure (FreeBSD) that can support more then just self signed certs.

Also, it used to work with polyglot. 

Edited by BillB66
Guest
This topic is now closed to further replies.

  • Recently Browsing

    • No registered users viewing this page.
  • Forum Statistics

    • Total Topics
      37.2k
    • Total Posts
      372.4k
×
×
  • Create New...