Configuring a Secure Environment for Single Servers with Self-issued Server SSL Certificates
The HTTPS server requires the security certificates to be configured correctly on the client worker machines. To enable the Worker Daemon Service to run in service mode with Log on set to Local System account, and where the server SSL certificate is self-issued (the certificate issuer is not available in the OOTB Windows truststore), import the SSL (HTTPS) Certificate to the worker machine in the following way:
1. Download a copy of the server SSL certificate. For example, access the server with Internet Explorer, select the Security Report button (padlock) to view and Copy to File the SSL Certificate from the > .
2. Launch Microsoft Management Console (mmc).
3. Select > . The Add or Remove Snap-ins dialog box opens.
4. Under Available snap-ins, select Certificates and click Add. The Certificates snap-in page opens.
5. Select Computer account, and then click Next. The Select Computer page opens.
6. Select Local computer and click Finish, and then click OK on the Add or Remove Snap-ins... dialog box.
7. In the mmc, right-click and choose > , and then select > .
8. Browse to the location containing the desired certificate and use the Certificate Import Wizard to place it in the Trusted Root Certification Authorities.
9. Ensure that the certificate is now listed under > > .
10. Reload the worker from Windchill by going to > > , and then republish.