Digital certificates are electronic documents that are used to create secure connections between clients and servers or websites. A valid and trusted certificate ensures clients that they are connecting to a trusted server or website, and helps protect against man-in-the-middle attacks.
Certificates become trusted by going through a validation process of a Certificate Authority (CA). Certificate Authorities themselves are usually third-party companies that are trusted by both the client and server or website.
On first installation, Deep Discovery Director creates a self-signed SSL certificate that will be used to securely communicate with other Deep Discovery appliances and Local Repository. In doing so, Deep Discovery Director also acts as its own CA.
Users who wish to adopt their own organizations' CA can import a certificate signed by that CA to Deep Discovery Director.
Accessing the management console of a Deep Discovery Director server with an untrusted or expired certificate displays a security warning in the web browser.
An untrusted or expired certificate does not affect the communication between Deep Discovery Director servers and Deep Discovery appliances. Deep Discovery Director servers with untrusted or expired certificates can still deploy plans to Deep Discovery appliances, and appliances can still download the files required to execute the plans from those servers.