Installing the Zementis Security Certificate for Zementis Server on the Cloud

Why do I need to install the Zementis Security Certificate?

Zementis Server on the Cloud is configured to run in a secure way using the Secure Sockets Layer (SSL) protocol. This applies both to the Web User Interface and the available Web Service. SSL requires that a server identifies itself with a trusted certificate. While usually such certificates are signed by known Root Certification Authorities, this cannot be done automatically in a virtual server environment on the cloud. To overcome this limitation, Zementis has created a special certificate signing mechanism. By default, web browsers are configured not to automatically accept such certificates and will warn you of a possible security problems accessing the Zementis Server web interface. While you can ignore the warnings and proceed to the web interface, we recommend that you install in your browser the Zementis CA Root Certificate. You will need to do this once and will configure your browser to trust all Zementis Server certificates that have been signed by Zementis.

Note: If this solution does not meet your security requirements, please contact Zementis for creating and configuring instances with your own certificates.


On Windows download to your computer the Zementis CA Root Certificate. Right click on the downloaded file and select Install Certificate. This opens the welcome page of Certificate Import Wizard.


Click Next to move to the certificate store selection page.


Select Place all certificates in the following store and Browse to Trusted Root Certification Authorities and select OK.

Click Next to move the final confirmation page.


Finally, select Finish to complete the install.

You may get a "Security Warning" dialog asking if you would like to install this certificate. Please select "Yes".



On Mac use the Keychain Access utility to import the Zementis CA Root Certificate.

One way to do this is from the Web Browser where you access the Zementis Server Console. In the address bar, click the little lock with the X. This will bring up a small information screen. Click the button that says “Certificate Information.” Click and drag the image to your desktop. It looks like a little certificate. Double-click it. This will bring up the Keychain Access utility. Enter your password to unlock it.

Click the "Add" button.


Be sure you add the certificate to the System keychain, not the login keychain.

Click “Always Trust,” even though this doesn’t seem to do anything.


After it has been added, double-click it. You may have to authenticate again. Expand the “Trust” section. “When using this certificate,” set to “Always Trust”.

Close Keychain Access and now the browser should recognize the Zementis certificate.


Article is closed for comments.
Powered by Zendesk