ControlSuite ClientsUnified ClientsUnified Clients OverviewKofax Unified Client for XeroxPrepare for deployment of Unified Client for XeroxDWS configurationCertificate managementServer certificate management

Server certificate management

Certificates used for communication between the servers (AutoStore, DWS, Equitrac, and Output Manager) must meet the following requirements:

  • Be valid as of the current date. Expired certificates need to be replaced.

  • Have a subject or alternative subject name that matches the address entered in DRS.

    If the network environment requires servers to communicate using IP addresses, and there is not one on the certificate, modify the hosts file on DWS to use the subject common name on the certificate. See the web server documentation for instructions.

  • If the certificate is self-signed, DRS must be configured to allow self-signed certificates. If you do not want to use self-signed certificates, it must be from a certificate authority listed in the Java keystore (typically C:\Program Files\Nuance\Shared Services\DWS\JDK\jre\lib\security\cacerts).

  • Match the previously pinned certificate.

These certificates are listed in DWS on the Security tab. You can review the certificates and delete and re-pin them as needed.

Follow these instructions for installing and viewing the certificates.

Server certificates for Equitrac and Output Manager

Follow these steps to install server certificates for Equitrac and Output Manager.

  1. To use your own certificate with Equitrac and Output Manager, follow these steps in Configuration Assistant.
    1. Click the Certificate Management tab.
    2. Select all components.
    3. Select Action > Import Certificate.
    4. Go to the folder where you saved the self-signed certificate you exported.
    5. Select the certificate file, enter its password, and click OK.
    6. Click Apply and then click Close.
  2. In Equitrac, restart DCE.

Server certificate for AutoStore

Install the AutoStore server certificate by doing the following:

  1. Select Preferences > Choose Certificate > New self signed.
  2. In the Company field, enter the same server name that was entered in DRS.
  3. Enter a password.
  4. Restart the AutoStore service.

Viewing and managing server certificates in DWS

  1. Run DWS Server Web Admin.
  2. Click the Security tab.

    The certificates identified by DWS are listed.

  3. Scroll to the Server Certificates section at the bottom.

    This lists the server certificates currently in use with their expiration dates. You can manage these server certificates by using the links to the right of each one as follows:

    • If a certificate needs to be repinned, click the Re-pin link.

    • If a certificate has expired or otherwise needs to be removed, click the Delete link.