During installation of varous Luware components you can opt in to "Configure Certificate Security" options. On these dialogues the certificate thumbprints need to be provided.
Also read the official → Microsoft documentation on this topic.
To find the thumbprint of a certificate use the Microsoft Management Console (MMC) to get access to a certificate and then read its thumbprint in the properties.
- Open the Start Menu , type mmc and press ENTER.
- In the Console add a certificate snap-in:
- On the File menu, click Add/Remove Snap In (or press Ctrl+N)
- In the Add or remove Snap-ins dialog box, select Certificates.
- Click Add.
→ the entry is moved to selected snap-ins.
- In the Certificates snap-in dialog box, select "Computer account" and click "Next"
- In the Select Computer dialog box select "Local Computer" and click Finish
- In the Add or remove Snap-ins dialog box, click OK.
→ The window is closed
- In the Console Root window, expand Certificates (Local Computer) > Personal > Certificates
- In the central panel, double-click the certificate.
- In the Certificate dialog box select the Details tab.
- Select Thumbprint in the list and copy the thumbprint hexadecimal string
- Encode the copied string in ANSI (use Notepad++) and remove first hidden characters.
This string is to be used during installation of Luware components
Configure Certificate during LUCS Components Installation
One of the requirements for building service-oriented system is to protect the transmitted data. To guarantee the safety of this data, Luware products provide the possibility to use certificate-based encryption and verification during the communication between a client and a server. The client identifies itself with this certificate. The service accesses the server to confirm the authenticity of the certificate - and in extension - the client.
Certificate Setup during Installation
The certificate security can be configured during installation of Luware components and services. There are two sets of settings that can be configured:
- Server settings: The server settings specify which settings the service will use to validate other services when they try to reach this service.
- Client settings: The client settings specify which settings the service will use while connecting to other services.
To configure certificate security select 'Configure Certificate Security' flag during installation:
Upon clicking 'Next' button with this flag enabled you will be presented an extra step to configure options:
A certificate thumbprint is a hexadecimal string that uniquely identifies a certificate. A thumbprint is calculated from the content of the certificate using a thumbprint algorithm.
→ This is to be generated via Microsoft Management Console. Read more about it on the "Retrieve Thumbprint of a Certificate" page from Microsoft.
When copied from the source the thumbprint is unicode encoded but you need it in plain ASCII → Notepad++ or any equivalent editor is a great help to convert it.
Don't forget to set up permissions for the certificate private key so that the service account can access it.