We have started the processing of moving all our gateways to SSL with SSO login. Yesterday we noted that after installing a SSL certificate, some of our members vision client launchers picked up the certificate just fine (automatically).
However, others encountered the issue shown in the attached photo:
"SSL Certificate must be imported"
The work around is to import the SSL certificate manually. However, our expectation is that users do not have to do it manually and the vision client launcher should pick it up automatically like the designer does.
Are we doing something wrong or is this room for improvement?
When you say “some of our members vision client launchers picked up the certificate just fine (automatically).” are you talking about being shown a dialog prompting them to trust/reject the certificate?
What version of Ignition and launchers are being used?
Sorry for the late response here, but it looks like you are using the 8.X compatible launchers here, which do not work with 7.9.x. It looks like something else is causing issues with a redirect, but try the Native Client Launcher for 7.9.
Host Secure would be misleading though. The connection may use TLS, but we cant really say the host is "secure" since the certificate chain doesn't have a trusted root (either from a known CA or one your Org has already imported/trusted). Maybe that label can be something clearer, but saying "Host Secure" before just throwing the user into a prompt to trust a certificate isn't the right answer either.
Ill think about a better message here that could be used though.
Probably better to have a single message "SSL Certificate must be reviewed and imported to Launcher" (so user can't assume its a Gateway cert that needs importing) and dynamically change the blue button ("Add Designer" or "Select Gateway") to what really will show next... such as "Review Cert".