SSL certificate requirements
To ensure secure communication and enable HTTPS for your VisualDrive Server, you need to use a valid and trusted SSL web server certificate.
This document outlines the essential requirements for this certificate and explains the impact of certificate-related issues.
Enabling HTTPS can be skipped in a test environment. In a test environment, VisualDrive Server can be configured to allow access over plain HTTP.
Requirements
The used SSL certificate needs to meet the following requirements:
| Requirement | Description |
|---|---|
| Certificate storage | Certificate must be available through the Local Machine certificate store on the computer with VisualDrive Server. |
| Private key | Certificate must have an associated private key. |
| Issuer trust | Certificate must be valid and issued by a trusted Certification Authority (CA). |
| Hostname | Hostname in the certificate must match the Server URL configured in VisualDrive Server. |
| Key Usage (KU) | Key usage must include Digital Signature for signing the TLS handshake data. |
| Extended Key Usage (EKU) | Extended key usage must include the Server Authentication purpose. |
Impact of certificate issues
If there is a certificate issue (for instance, if the certificate is expired, self-signed, improperly configured, or issued by an untrusted Certificate Authority):
- Users will be unable to sync their drives via the OneDrive app.
- Users may see error messages related to certificate trust, connection issues, or sync failures.
The OneDrive sync app does not allow ignoring certificate errors.
How to obtain an SSL certificate
Follow the instructions in How to obtain an SSL certificate in Active Directory environment.