Setup Client Machines and Certificate Authorities

In order to encrypt network transport between the components of the system we make use of certificates. This is facilitated through the use of a self-generated Certificate Authority.

If you followed the installation procedure until here, you can open your server domain (default is ds.aivero.dev). On any client machine, your browser will prevent you from opening the page due to a fault in the certificate configuration.

We are going to fix this now.

On the first startup, the server generates a certificate authority in the installation directory.
You can find it here:

This file needs to be installed on all devices that want to access the webUI of Aivero.

The installation process differs between operating systems and browsers:

Set up DNS on Client Machine

Linux

Write server IP to /etc/hosts file. Replace the IP below with your server's IP address and run the command on the client machine.

sudo bash -c 'echo "192.168.xx.xx ds.aivero.dev" >> /etc/hosts'

Now you can ping the server host machine.

ping ds.aivero.dev
#PING ds.aivero.dev (192.168.xx.xx) 56(84) bytes of data

Windows

Open your C:\Windows\System32\drivers\etc file using any text editor (e.g. Notepad) and add the following line at the end of the file. Please remember to substitute the IP address below with your server's IP address and save the file.
192.168.xx.xx ds.aivero.dev

Then restart client machine.


Setup the certificate

Step 1: Show the generated certificate

Show certificate in terminal

cat /opt/aivero/self-signed-certs/certs/rootCA.pem

The result should look something like this:

Step 2:

Using a USB flash drive, FTP connection or any other method please place/share the certificate file at /opt/aivero/self-signed-certs/certs/rootCA.pem​ with the devices on which you wish to access the server front end.


Setup certificate on browser side

Firefox

Open your settings and navigate to 'Privacy & Security'

Scroll down to the 'Security' section

Select 'View Certificates' and click 'Authorities'

Click 'Import', select your certificate, click 'Trust this CA to identify websites' and 'OK'.

You are done, test it (found at end of section).

Chrome

Open your settings and navigate to 'Privacy and security'

Click 'Security' and scroll down to the 'Manage Certificates' section

Click the 'Manage Certificates' section and select the 'Authorities' tab

Click import, find and add the certificate file and click 'Trust this certificate for identifying websites' and 'OK'

You are done, test it (found at end of section).

Test it

Now you can visit your installation at https://ds.aivero.dev and register with an email.


What’s Next