Skip to main content

SSL Certificates

Securing communication with SSL certificates is a critical step in deploying SEI. A valid SSL certificate encrypts all data exchanged between users and servers, protecting sensitive information and ensuring trust in web browsers. This is essential for secure web access, Single Sign-On (SSO), embedded integrations, and compatibility with features like the Excel Add-in.

Before you begin installation, verify that you have a valid .pfx certificate file issued by a trusted Certificate Authority—not a self-signed certificate. Make note of the domains and names the certificate covers, and check the expiration date so it will not expire during your planned installation window. The certificate must be selected carefully to ensure it works with all servers you intend to secure. If you are considering a wildcard certificate (one that covers an entire domain and all subdomains), or if you need a certificate for multiple specific names, be sure to confirm the certificate type aligns with your needs and Nectari deployment scenarios.

Install the SSL certificate

  1. Double-click your certificate file to start the Certificate Import Wizard.
  2. Select Local Machine when prompted, so the certificate is available to all users and services on the server.
  3. Click Next twice to continue.
  4. Enter the certificate password provided by your organization.
  5. Check Mark this key as exportable to allow future backups or installations on multiple servers.
    This is especially useful if you will use the same certificate on more than one server (for example, on separate Web and Distribution servers).
  6. Click Next twice.
  7. Click Finish, then Ok when the confirmation message appears.

Check the certificate expiry date

  1. Press Windows key + R, then type certmgr.msc and press Enter.
  2. Expand the Personal folder and select Certificates in the left pane.
  3. In the right pane, review the Expiration Date column for your certificate.

Determine the certificate type

  1. In the Certificates Management window (certmgr.msc), double-click your certificate to open it.
  2. On the General tab, review the Issued to line:
    • A wildcard certificate (e.g., *.domainname.com) covers your entire domain and all subdomains.
    • A specific name certificate will show only fixed hosts.
  3. For certificates tied to specific names, go to the Details tab and select Subject Alternative Name to see all names the certificate applies to.
note

Take note of each authorized name—you’ll need these during installation and configuration. Only the names listed are permitted to access the Web Central Point Configurator; all other names will be blocked.