Skip to main content
All CollectionsTroubleshooting
Configuring a Self-Signed Certificate
Configuring a Self-Signed Certificate

Here's a general guide for creating and configuring a self-signed certificate. The exact steps may vary slightly depending on your operating system and web server.

Steven avatar
Written by Steven
Updated this week

Note: These steps are specific to Valotalive managed ChromeOS devices.

The background

To ensure the proper display of web applications and pages using the Valotalive Web app, an SSL certificate must be configured. Without a valid SSL certificate, the browser (in the media player) refuses to display the web page.

Understanding the Problem: Chrome's SSL Enforcement

Modern web browsers, especially Chrome, are increasingly strict about security. Here's why and what it means:

  • HTTPS is the Standard:

  • HTTPS (HTTP Secure) uses SSL/TLS encryption to protect communication between a web browser and a server. This prevents eavesdropping and tampering.

Google, the developer of Chrome, strongly advocates for HTTPS to improve web security.

Consequences of No SSL:

If a web server doesn't have a valid SSL certificate (or any certificate at all), Chrome will block the page entirely.

Instructions for Configuring a Self-Signed Certificate

Here's a general guide for creating and configuring a self-signed certificate. The exact steps may vary slightly depending on your operating system and web server.

The Steps for the Customer

1. Have DNS name and/or IP at hand

As an example, Valotalive used this for testing selfsigned.vlt.lv

2. Create a self-signed certificate

You can find further instructions in Stack Overflow and the second answer in this article.

As an example, Valotalive used:

openssl req -x509 -newkey rsa:4096 -sha256 -days 3650 -nodes -keyout selfsigned.vlt.lv.key -out selfsigned.vlt.lv.crt -subj "/CN=selfsigned.vlt.lv" -addext "subjectAltName=DNS:selfsigned.vlt.lv,IP:54.154.20.36"

3. Configure Apache source

Further instructions for creating a Self-Signed SSL Certificate for Apache in Ubuntu 16.04

As an example, Valotalive used:

t2:~$ cat /etc/apache2/sites-enabled/selfsigned_vlt_lv.conf 
<VirtualHost *:443>
   ServerName selfsigned.vlt.lv
   DocumentRoot /home/ubuntu/src/selfsigned-page
 
   SSLEngine on
   SSLCertificateFile /home/ubuntu/.ssh/selfsigned.vlt.lv.crt
   SSLCertificateKeyFile /home/ubuntu/.ssh/selfsigned.vlt.lv.key
 
<Directory /home/ubuntu/src/selfsigned-page>
Require all granted
</Directory>
 
   ErrorLog ${APACHE_LOG_DIR}/selfsigned_error.log
   CustomLog ${APACHE_LOG_DIR}/selfsigned_access.log combined
</VirtualHost>

The Steps for Valotalive Customer Success

4. Uploading the self-signed certificate to device management

The Valotalive customer success team will upload the customer’s self-signed certificate (selfsigned.vlt.lv.crt) to the device management.

Keep the key file (selfsigned.vlt.lv.key) safe and never share it with anybody.

Did this answer your question?