Cryptographic certificates are the digital equivalent of website validation, which enables you to encrypt connections using TLS protocol and thus provide a secure link between server and client.
There are both paid and free certification centers. Let’s Encrypt is one of the free centers, which provides certificates for 90 days with an automatic renewal option.
For TrueConf Server users TLS certificate is required to join web meetings via WebRTC application and sync TrueConf Server with Active Directory.
Table of Contents
Step 1: Getting started
First, you should stop all TrueConf Server services and all processes that can use 80 and 443 ports, such as Apache Http Server.
To create a TLS certificate on Windows, download the ACME Simple (WACS) program. Then follow the instruction:
- Extract the downloaded archive to the
C:\wacs\
folder. - Create a crt directory in the same folder.
- Open Windows Defender Firewall.
- Go to Advanced Settings → Inbound Rules → New Rule → Port; enter 80 and 443 ports separated by comma in the Specific local ports field and click Next. Then select Allow the connection, click Next again, specify which profiles the rule will apply to (for all by default) and after clicking Next, save the rule under any name.
Step 2: Creating a certificate
Open a command line (cmd) as administrator and enter the following commands one by one:
- Run
C:\wacs\wacs.exe
. - Then select:
Create new certificate (full options)
(enterm
)Manual input
(enter1
).
- Specify your domain name and press Enter twice to confirm.
- Then choose:
[http-01] Serve verification files from memory
(enter2
)RSA key
(enter2
)PEM encoded files (Apache, nginx, etc.)
(enter2
).
- Specify a folder for saving certificates
C:\wacs\crt
. - After that, select:
No (additional) store steps
(enter3
)No (additional) installation steps
(enter4
).
- Specify an email address for error notifications.
- Answer additional questions as follows:
- for the
Open in default application?
typeno
- for the
Do you agree with terms?
typeyes
.
- for the
When you successfully create the certificate, you will see the Authorization result: valid
message. Answer no
to the Do you want to specify the user the task will run as?
question.
Three files will be generated in the C:\wacs\crt
folder:
- domain_name-crt.pem is the certificate itself
- domain_name-key.key is the key file
- domain_name-chain.pem is the trust chain, it includes Let’s Encrypt root and intermediate certificates.
Now you can use them in TrueConf Server, as shown in our article.