The server security certificate is used to establish communication between the server and the HTTPS client (such as Monokot Server Administrator), and is also the default certificate of the OPC UA application. During the first start-up, the server creates a self-signed security certificate and saves it in the following directories:
- Windows: %ProgramData%\Monokot\Mos\Certificates\Own\ (C:\ProgramData\Monokot\Mos\Certificates\Own)
- Linux: /usr/share/Monokot/Mos/Certificates/Own/
- macOS: /usr/local/Monokot/Mos/Certificates/Own/
Please note that these directories are hidden file system directories
The certificate is saved in PFX and DER formats (files monokotserver.pfx and monokotserver.der); the PFX file is then used as a server certificate each time the server starts. If the server cannot find or read the monokotserver.pfx file during boot, it will reissue the certificate, and a warning will be written to the server event log.
To install a custom server security certificate, replace the monokotserver.pfx file with the required certificate in PFX format.
Please note that the PFX file must not be password protected. An empty string should be used as password
After replacing the file, you need to restart the service/process/daemon for the changes to take effect.