SSL Certificates are small data files that digitally bind a cryptographic key to an organization’s details. When installed on a server, it activates the padlock and the HTTPS protocol and allows secure connections from a server to a browser.
Typically, SSL is used to secure credit card transactions, data transfer, and logins, and more recently is becoming the norm when securing browsing of social media sites.
Nx Server utilizes a self-signed SSL certificate located in the certificate directory as a file called default.pem. It will be generated and renewed automatically when the Server restarts.
To improve Nx Server security, you can obtain a public/signed certificate from your preferred certificate provider and install it in the certificate directory as a file called cert.pem. A valid certificate should be issued by the Certificate Authority (CA) and contain the full certificate chain info, otherwise you will have to generate the Intermediate CA chain info yourself.
Obtaining a Custom Certificate
- Create a new file via a text editor and save it as cert.pem
- Open each certificate file you received from the CA in a text editor and extract the content:
a. Root CA (for example: ca_bundle.crt)
b. Server Certificate (for example: certificate.crt)
c. Intermediate CA (if not provided by your certificate provider, visit https://whatsmychaincert.com/ and enter the content from Server Certificate file to generate the content for the Intermediate CA)
d. Private Key (for example: private.key)
- Add the content to cert.pem in the following format:
-----BEGIN PRIVATE KEY----- ... Private key content ... -----END PRIVATE KEY----- -----BEGIN CERTIFICATE----- ... Root CA content ... -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- ... Intermediate CA content ... -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- ... Server certificate content ... -----END CERTIFICATE-----
- Save changes to cert.pem
Installing a Custom Certificate
Once you created the cert.pem file from the certificate files provided to you by your CA, take the following steps:
- Stop the Nx Server service.
- Navigate to the directory for the Nx Server SSL certificate.
C:\Windows\System32\config\systemprofile\AppData\Local<%COMPANY.NAME%><%COMPANY.NAME%> Media Server\ssl
- Move the cert.pem that you created in Obtaining a Custom Certificate to this location.
- Start Nx Server.
If you have any questions related to this topic or you want to share your experience with other community members or our team, please visit and engage in our support community or reach out to your local reseller.