Skip to main content

SSL Certificate installation and verification

  1. Last updated
  2. Save as PDF
Install the public SSL certificate

To set up the SSL certificate for Netsmart Homecare applications and services, you must install the certificate and verify it. The certificate is installed in a physical store as a Trusted Root Certification Authority on the local computer. 

Note: The Public SSL certificate is automatically installed on Netsmart Homecare client workstations by the Netsmart Homecare installer or during the self-update.

  1. Double-click the certificate file in Server Certificates.
  2. On the General tab, select Install Certificate.
  3. In the Certificate Import Wizard, select Next.
  4. In the Certificate Store, choose Place all certificates in the following store and select Browse to specify the certificate store location.
  5. In Select Certificate Store, select Trusted Root Certification Authorities.
  6. Select OK.
  7. In Certificate Store, select Next.
  8. In Completing the Certificate Import Wizard, choose Finish.
  9. If a security warning asks whether you want to install the certificate, click Yes.
    Note: A notification message indicates the certificate import was successful.
  10. Select OK.
Verify the SSL certificate

Verify the certificate using the Microsoft Management Console (MMC).

  1. Select Start > Run and enter MMC.
  2. Select OK.
  3. Select File > Add/Remove Snap In.
  4. Choose Certificates from the Available snap-ins list and select Add.
  5. Select OK.
  6. Choose Computer account and select Next.
  7. In Select Computer, make sure the Local computer: (the computer this console is running on) option is selected,
  8. Select Finish.
  9. Select OK to close Add or Remove Snap-ins.
  10. In Console Root, do the following:
    1. Expand the Certificates (Local Computer) directory.
    2. Expand the Trusted Root Certification Authorities directory.
    3. Select Certificates.
    4. Verify that the root certificate is displayed in the pane on the right side of the console.
  11. Double-click the certificate to verify its properties. You can also double-click the certificate .cer file from the location on your hard drive to open the properties dialog. For verification, it is necessary to know the certificate's details as provided by the CA. The value in the following fields helps to identify the certificate:
  • Issued to: DNS name of the computer. The HTTPS web service users must enter this value precisely as it is in the browser URL field.
  • Issued by: Name of the authority that provided the certificate.
  • Friendly Name: Unique name of the certificate (helps to identify it among the others quickly).
  • Valid from <DATE> to <DATE>: Date range that indicates when the certificate becomes active and when it expires.
  1. Select the Certification Path tab and verify the path of the certificate.
  2. Select OK.
Install the root certificate issued by the private CA provider

If you use a certificate issued internally by your agency’s IT department, the CA root certificate must be installed in a physical store as a Trusted Root Certification Authority on both server and client machines. Your agency’s IT department must provide you with the following certificate files that must then be installed on your Netsmart Homecare environments:

  • Certificate with a private key (with the password to install it)
  • Certificate with a public key
  • Certificate Authority (CA) root certificate

Before proceeding to the certificate installation, make sure the necessary certificate file is saved in the file system on the target machine.

Install the certificate on the server side

Depending on the deployment model, use one of the following scenarios:

  • Netsmart Homecare server, Security Token Service (STS), and add-ons are installed on one server machine.
  • Install the private key certificate under the local computer account.
  • Install the CA root certificate under the local computer account.
  • Install the public key certificate under the local computer account.

The Netsmart Homecare server and STS are installed on one server machine, and add-ons are installed on separate server machines. On the machine where the Netsmart Homecare server and STS are installed, you must:

  • Install the private key certificate under the local computer account.
  • Install the CA root certificate under the local computer account.
  • Install the public key certificate under the local computer account.

On the machine where add-ons are installed, you must:

  • Install the public key certificate under the local computer account
  • Install the CA root certificate under the local computer account
Install the certificate on the Netsmart Homecare client

To install certificates on Netsmart Homecare client computers, you must:

  • Install the public key certificate under the user account.
  • Install the CA root certificate under the user account.
Install the private key certificate under a local computer account
  1. Select Start > Run and enter MMC.
  2. Choose OK.
  3. Select File > Add/Remove Snap In.
  4. Choose Certificates from the Available snap-ins list and select Add.
  5. Select OK.
  6. Choose Computer account and select Finish.
  7. In Add or Remove Snap-ins, select OK.
  8. In Console Root, do the following:
    1. Expand the Certificates (Local Computer) directory.
    2. Expand the Personal directory.
    3. Right-click Certificates, choose All Tasks, and select Import.
  9. Select Next and do the following:
    1. Specify the path to the certificate with the private key (*.pfx) located on the server machine file system and select Next.
    2. Enter the password for the private key and select Next.
      Note: Your IT department must provide this password with the certificate file.
  10. In Select Certificate Store, make sure the Personal location is selected under the Place all certificates in the following store button and select OK.
  11. Select Next then select Finish.
    Result: A message notifies you that the certificate import was successful.

  12. Select OK to complete the installation.

Install the public key certificate under a local computer account
  1. Select Start > Run and enter MMC.
  2. Select OK.
  3. Select File > Add/Remove Snap In.
  4. Choose Certificates from the Available snap-ins list and select Add.
  5. Select OK.
  6. Choose Computer account and select Finish.
  7. In Add or Remove Snap-ins, select OK.
  8. In Console Root, do the following:
    1. Expand the Certificates (Local Computer) directory.
    2. Expand the Trusted People directory.
    3. Right-click Certificates, choose All Tasks, and select Import.
  9. Select Next and do the following:
    1.  Specify the path to the certificate with the public key (*.cer) located on the server machine file system and select Next.
    2. In Select Certificate Store, choose the Trusted People location under the Place all certificates in the following store button, then select OK.
  10. Select Next then select Finish.
    Result: A notification message indicates the certificate import was successful.
  11. Select OK.
Install the certificate authority root certificate under a local computer account
  1. Select Start > Run and enter MMC.
  2. Select OK.
  3. Select File > Add/Remove Snap In.
  4. Choose Certificates from the Available snap-ins list and select Add.
  5. Select OK.
  6. Choose Computer account and select Finish.
  7. In Add or Remove Snap-ins, select OK.
  8. In Console Root, do the following:
    1. Expand the Certificates (Local Computer) directory.
    2. Expand the Trusted Root Certification Authorities directory.
    3. Right-click Certificates, choose All Tasks, and select Import.
  9. Choose Next and do the following:
    1. Specify the path to the certificate with the public key (*.cer) located on the server machine file system and select Next.
    2. In Select Certificate Store, select the Trusted Root Certification Authorities location under the Place all certificates in the following store button, then select OK.
  10. Select Next then select Finish.
    1. If a security warning asks whether you want to install the certificate, choose Yes.
      Result: A notification message indicates the certificate import was successful.
  11. Select OK.
Install the public key certificate under a user account
  1. Select Start > Run and enter MMC.
  2. Select OK.
  3. Select File > Add/Remove Snap In.
  4. Choose Certificates from the Available snap-ins list and select Add.
  5. Select OK.
  6. Choose My user account and select Finish.
  7. In Add or Remove Snap-ins, select OK.
  8. In Console Root, do the following:
    1. Expand the Certificates - Current User directory.
    2. Expand the Trusted People directory.
    3. Right-click Certificates, select All Tasks, and select Import.
  9. Select Next and do the following:
    1. Specify the path to the certificate with the public key (*.cer) located on the client machine file system and select Next.
    2. In Select Certificate Store, choose the Trusted People location under the Place all certificates in the following store button, then select OK.
  10. Select Next then select Finish.
    Result: A notification message indicates the certificate import was successful.
  11. Select OK.
Install the certificate authority under a user account
  1. Select Start > Run and enter MMC.
  2. Select OK.
  3. Select File > Add/Remove Snap In.
  4. Choose Certificates from the Available snap-ins list and select Add.
  5. Select OK.
  6. Choose My user account and select Finish.
  7. In Add or Remove Snap-ins, select OK.
  8. In Console Root, do the following:
    1. Expand the Certificates - Current User directory.
    2. Expand the Trusted Root Certification Authorities directory.
    3. Right-click Certificates, select All Tasks,  and select Import.
  9. Select Next and do the following:
    1. Specify the path to the certificate with the public key (*.cer) located on the client machine file system and select Next.
    2. In Select Certificate Store, choose the Trusted Root Certification Authorities location under the Place all certificates in the following store button, then select OK.
  10. Select Next then select Finish.
    Result: A notification message indicates the certificate import was successful.
  11. Select OK.
Verify the revocation server
  1. Right-click the certificate, and either select View or choose View in the Actions pane.
  2. Select the Details tab and choose CRL Distribution Points.
  3. Copy a URL to the browser.
    Result: The connection to the revocation server is established if the web page opens.

 

  1. Back to top
  • Was this article helpful?

Recommended articles

  1. Page type
    How-to
  2. Tags
    1. Homecare Security
    2. role:systemadmin