Because EmpowerID is a fully federated SSO, communication between EmpowerID and the Web Server is secure and occurs over SSL. This requires that the EmpowerID Web Server have a certificate issued by a trusted CA that matches the DNS of the server hosting the EmpowerID Web Service before any user can log in to EmpowerID from either the EmpowerID Management Console, Workflow Studio, or the EmpowerID Web application. In this topic we demonstrate how to configure the EmpowerID Web Server for SSL by adding a self-signed certificate to the EmpowerID Web site.
Use self-signed certificates only for testing purposes or in situations where the EmpowerID server is not accessed publicly by computers outside of an internal domain. For public-facing production servers (accessed by non-domain computers), use a certificate issued by a widely trusted CA. |
|