SSL certificates are used to encrypt https communication channels between client and server. This typically applies when you are browsing a company's website, but it is equally used when backend systems communicate with each other over an https channel.
There are 2 major considerations when using SSL certificates:
- SSL certificates also have a limited validity period. Before and after that period the certificate is considered unsafe to use and clients will not want to communicate with a server that presents such untrustworthy certificate.
It is the responsibility of the server to present the valid certificate to the client. - SSL certificates are issued by so-called Certificate Authorities (CA). Client operating systems typically store a list of trusted CAs. If the server suggests to use a certificate that the client doesn't find in its store, the client will not trust it and refuse to connect.
It is the responsibility of the client to keep its store of Certificate Authorities update to date.
The integration between Unit4 and Transsmart is secured with SSL certificates. So whenever Transsmart renews its SSL certificate by the end of its validity period, some changes need to be done on the side of Unit4 as well. Not applying these changes will result in broken connectivity between the 2 systems at the moment where the new certificate is activated.
What do you - as a Unit4 customer – need to do exactly?
- Customers with a standard instance of Unit4
Unit4 will include the changes as part of the Unit4 update package in the month before the actual activation of the new certificate. Applying this update package is enough to update the Unit4 certificate store.
Not able to apply the update package before the certificate activation? You can follow the same steps as customers with a tailored instance (below). - Customers with a tailored instance of Unit4
They cannot simply apply the Unit4 update packages. Instead they will need to manually copy files onto the Unit4 application server.
At request Unit4 can send you the files that you need. The package will contain one or more files with a .0 extension.
These files are to be copied to the certs subfolder under the DLC folder.
For example : C:\Unit4SPE\Client\PROD\Shared\DLC11.7\certs