HTTPS Certificate

The HTTPS Certificate option allows you to configure the SSL/TLS certificate used for secure communication with the system. You can either use the default self-signed certificate delivered with the software or upload your own custom certificate.

A self-signed certificate is an identity certificate signed by the same entity whose identity it certifies. This is the default certificate provided with the software. The system displays information about the certificate:

• Certificate name
• Certificate Authority
• Expiration date

Note:

Self-signed certificates are not trusted by browsers by default and may generate security warnings. 

A custom certificate is signed by a Certificate Authority (CA) or can be self-generated. Use this option if you want to replace the self-signed certificate with your own trusted certificate. To configure, you must upload both:

• Private key file
• Certificate file

Requirements: 

• Only private keys encrypted by RSA or ECC (Elliptic Curve Cryptography) are supported. 
• RSA: Key length must be at least 2048 bits. 
• ECC: Supported curves: 
• P-256 (secp256r1 or prime256v1) 
• P-384 (secp384r1)

After selecting the files, click Apply to activate the certificate.

1. Select the certificate type (Self-signed or Custom).
2. If Custom, upload the required private key and certificate files.
3. Click Apply.
4. The system will immediately apply the new certificate.

• “Invalid certificate or key” error
  • Check that the private key and certificate match. Ensure the private key is at least 2048 bits (RSA) or uses a supported ECC curve.
• Connection fails after applying a custom certificate
  • Verify that the uploaded files are not corrupted and the certificate chain is complete (including intermediate certificates if required).
• Expired certificate
  • Replace the certificate with a new one before the expiration date to avoid service interruption.