Manage certificates for secure communication and authentication in octoplant

Certificate-based security ensures secure communication and reliable authentication within octoplant environments. By default, octoplant automatically creates a self-signed certificate and private key at runtime.

Custom certificate management

To meet organizational or regulatory requirements—such as integrating identity providers like Azure AD—you can replace the default certificate with one issued by a trusted Certificate Authority (CA).

If you're using the WebClient, replacing the self-signed certificate is strongly recommended to avoid browser trust warnings.

Troubleshooting Certificate Issues

Even with a trusted CA certificate, warnings may occur due to:

• Missing CA in browser’s trusted store (common on older systems): Keep systems updated to receive new CA certificates via Windows Update.
• Missing intermediate certificates: Ensure your server provides the full certificate chain (intermediate + root).
• Expired certificate: Renew or replace as needed.

Consult Configure trusted root certificates if you encounter certificate issues when the octoplant server tries to establish communication with external sites, such as myAMDT or octoplant pro hub.

Please contact your IT department to address any certificate issues.

Related topics

• Use your own security certificate
• Configure trusted root certificates
• octoplant pro hub data package
• WebClient installation