Using Certificates to Secure a Remote RoleTailored Client Connection
You can use service certificates to secure RoleTailored client connections over a wide area network (WAN). Microsoft Dynamics NAV 2009 R2 can support the following configurations:
Chain trust, which specifies that each certificate must belong to a hierarchy of certificates that ends in a root authority at the top of the chain.
Peer trust, which specifies that both self-issued certificates and certificates in a trusted chain are accepted.
This white paper describes the chain trust configuration, which is the more secure option.
In a production environment, you implement chain trust by obtaining X.509 service certificates from a trusted provider. These certificates and their root certification authority (CA) certificates must be installed in the certificates store on the computer running Microsoft Dynamics NAV Server. The CA certificate must also be installed in the certificate store on computers running the RoleTailored client so that clients can validate the server.
|This white paper does not use the term Secure Sockets Layer (SSL) to describe the implementations. Although these implementations do use the public and private key infrastructure of SSL and SSL certificates, they use Windows Communication Foundation (WCF) transport-level security (TLS) over the TCP/IP protocol instead of https. This means that they are not strict SSL implementations.|