https-access configuration

During the installation of the server part of the complex, a self-signed SSL certificate is automatically generated to access the server machine (https://localhost and https://DNS_machine_name). The certificate is also added to the trusted zone on Windows^(*).

If you access the server machine from a remote machine, then the certificate must be added to the trusted zone on this machine.
It can be done by execution on this computer next command (with administrator rights)^{(*), (**)}:

certutil -addstore Root "server.crt"

File server.crt should be copied from the server machine (Windows: C:\Program Files (x86)\httpd\conf\server.crt, Linux: /etc/ssl/crt/stkh/server.crt).

To add certificate into the trusted zone in domain it is necessary to perform next steps:
https://technet.microsoft.com/en-us/library/cc754841.aspx

^(*) Attention! For Firefox you must manually add the self-signed certificate to the exclusions list!
^(**) Attention! For Chrome you must close all browser windows after adding certificate to the trusted zone!

v11.1.3476 (build: Jan 12 2026)
Introduction +Software suite structure +Software suite installation +Software suite uninstall +Software suite update +Global settings -Other Remote employees Server behind the DMZ Remote monitoring via internet https-access configuration Server transfer Client service LDAP for PostgreSQL SSL-encryption for SQL Data synchronization tool Document marking utility Getting started with Astra Linux +FAQ +Technical support	https-access configuration During the installation of the server part of the complex, a self-signed SSL certificate is automatically generated to access the server machine (https://localhost and https://DNS_machine_name). The certificate is also added to the trusted zone on Windows^(). If you access the server machine from a remote machine, then the certificate must be added to the trusted zone* on this machine. It can be done by execution on this computer next command (with administrator rights)^{(), ()}: certutil -addstore Root "server.crt"* File server.crt should be copied from the server machine (Windows: C:\Program Files (x86)\httpd\conf\server.crt, Linux: /etc/ssl/crt/stkh/server.crt). To add certificate into the trusted zone in domain it is necessary to perform next steps: https://technet.microsoft.com/en-us/library/cc754841.aspx ^() Attention!* For Firefox you must manually add the self-signed certificate to the exclusions list! ^() Attention! For Chrome** you must close all browser windows after adding certificate to the trusted zone!
© KICKIDLER DLP