Welcome: Guest
Download Center | Release History
SolarWinds Home | Contact Us
Search for:    in      
NOTE: This site is no longer maintained. Upgrade to the latest version of ipMonitor ยป

Portal Home
Downloads & Resources
Knowledge Center
>  Administrator's Guide
>  Tutorials
>  Tips
>  FAQs
>  SOAP Documentation
SNMP Center
>  OID Tree
>  MIBs, By Name
>  MIBs, By Category
Knowledge Center > ipMonitor 8.5 Administrator's Guide
About SSL Certificates

To avoid sending passwords and configuration information over the network in clear text, you will need to install an SSL certificate.

SSL permits you to securely log in to the ipMonitor web interface from anywhere on the network or Internet and safely exchange account credentials, network paths, machine names and other sensitive information.

Although it is possible to use ipMonitor without an SSL certificate installed, some features such as the Credentials Manager will not be fully enabled unless you are connecting from ipMonitor's host machine. For this reason we suggest that you at least use ipMonitor's Self-Signed Certificate option.

Top of page

SSL Certificate Acquisition Methods

ipMonitor supports four different ways to acquire an SSL certificate. Certificates are installed in the Local Machine Store of the ipMonitor host machine and can be selected using the ipMonitor Configuration Program.

Self-Signed Certificates
During the initial installation, if a certificate has not been selected, ipMonitor will prompt to automatically generate a "self-signed" certificate. Should you choose this option, you can change this selection at any time using the ipMonitor Configuration program.

The main advantage of self-signed certificates is that there is no cost involved. However, because a self-signed certificate is generated and installed by ipMonitor, there is no Trusted Authority involved in issuing and verifying the certificate. As a result, you will have to instruct your web browser to trust the self-signed certificate that ipMonitor installs.

Refer to the section titled Self-Signed Certificates for more information.

Trusted Certificate Authority
ipMonitor provides the tools required to generate a Certificate Signing Request (CSR) and install a certificate once it has been acquired from a trusted Certificate Authority.

Although this is not a complete list, certificates issued by VeriSign®, FreeSSL™ or InstantSSL™ have been tested and all work equally as well. Prices vary from under a hundred dollars to a few hundred dollars depending on the organization.

Refer to the section titled Trusted Certificate Authority for more information.

Windows® 2000 and Windows® 2003 Certificate Services
A Certificate can be requested from a Stand-Alone Certificate Authority using the Microsoft® Windows® 2000 or Windows® 2003 Certificate Services web interface.

On networks that use a Stand-Alone Certificate Authority server, certificate requests must be made using the web interface provided by the Certificate Authority server. Certificate requests may have to be approved prior to being issued. Policy information may be obtained from the Network Administrator of your organization.

Refer to the section titled Microsoft Certificate Authority for more information.

Microsoft Management Console 'Certificates' snap-in
A Certificate can be requested from an enterprise certification authority using the Microsoft Management Console "Certificates" snap-in (dependant upon Active Directory).

Certificate requests may be generated from the ipMonitor machine using the MMC if a Certificate Authority server is found in Active Directory. Certificate requests may have to be approved prior to being issued. Policy information may be obtained from the Network Administrator of your organization.

Refer to the section titled Microsoft Certificate Authority for more information.

Note:

  • Certificate types must be Server certificates.
  • Certificates must be installed to the Local Machine Store.

Top of page

Add a Secure Interface to ipMonitor (HTTPS)

Once the certificate has been installed, it will be necessary to configure at least one secure IP address and Port combination for HTTPS communications.

  1. Open the ipMonitor Configuration Program.
  2. Select the Communications: Web Server Ports option from the main menu.
  3. Click the Add button to enter a new IP address and port combination.
  4. Specify the IP address to be used, or enter 0.0.0.0 to have ipMonitor listen on all available IP addresses.
  5. Enter a Port (TCP) number. The default value for HTTPS communication is 443. Also, ensure to check the SSL checkbox.
  6. Click the OK button to have ipMonitor begin listening on the new SSL IP address and port combination.

Note: To launch the ipMonitor Configuration Program, you must have Administrator access on the ipMonitor host computer.

Top of page

Additional Resources

For information on other features and concepts related to those discussed in this article, refer to the following ipMonitor resources:

What Security Features does ipMonitor Offer?

< Back

Last Updated: March 30, 2007 | What did you think of this topic?

Privacy Statement | Terms of Use | EULA | Contact | Site Map

Prices displayed do not reflect international pricing unless otherwise stated. Please see our international price list for current pricing specific to your location. All prices are subject to change without notice.

© 2003-2008 SolarWinds.net, Inc. All Rights Reserved. SolarWinds®, the SolarWinds logo, ipMonitor®, LANsurveyor®, and Orion® are among the trademarks or registered trademarks of the company in the United States and/or other countries. All other trademarks are property of their respective owners.