Setup Client Machines and Certificate Authorities

In order to encrypt network transport between the components of the system we make use of certificates. This is facilitated through the use of a self-generated Certificate Authority.

If you followed the installation procedure until here, you can open your server domain (default is ds.aivero.dev). On any client machine, your browser will prevent you from opening the page due to a fault in the certificate configuration.

We are going to fix this now.

On the first startup, the server generates a certificate authority in the installation directory.
You can find it here:

This file needs to be installed on all devices that want to access the webUI of Aivero.

The installation process differs between operating systems and browsers:

Setup the certificate

Step 1: Show the generated certificate

Show certificate in terminal

cat /opt/aivero/self-signed-certs/certs/rootCA.pem

The result should look something like this:

Step 2:

Using a USB flash drive, FTP connection or any other method please place/share the certificate file at /opt/aivero/self-signed-certs/certs/rootCA.pem​ with the devices on which you wish to access the server front end.

Setup certificate on browser side

Firefox

Open your settings and navigate to 'Privacy & Security'

Scroll down to the 'Security' section

Select 'View Certificates' and click 'Authorities'

Click 'Import', select your certificate, click 'Trust this CA to identify websites' and 'OK'.

You are done, test it (found at end of section).

Chrome

Open your settings and navigate to 'Privacy and security'

Click 'Security' and scroll down to the 'Manage Certificates' section

Click the 'Manage Certificates' section and select the 'Authorities' tab

Click import, find and add the certificate file and click 'Trust this certificate for identifying websites' and 'OK'

You are done, test it (found at end of section).

Test it

Now you can visit your installation at https://ds.aivero.dev and register with an email.