Built-in Sample Certificate and Private Key Files

IguanaX is prepackaged with the following sample files for development and testing with TLS:

Private Key (webkey.pem) and Certificate Files (webcert.pem)

Iguana includes a built-in self-signed certificate and private key, which are automatically generated to enable HTTPS for the Iguana web server, ensuring secure access and encrypted connections.

Both files can be found in your configuration settings folder: <working_directory>\config\other\

The self-signed certificate is suitable for initial setup or non-production environments where secure access is necessary. These files are provided to save you the effort of manually creating them, although you have the option to create your own self-signed certificates if needed.

For production instances, it is highly recommended to replace the self-signed certificate with a verified SSL certificate from a Certificate Authority. This enhances security and avoids issues with certificate trust and browser warnings when users access the web server.

Certificate Authority File (cacert.pem)

This is a sample Certificate Authority (CA) certificate file which includes a bundle of public certificates extracted from Mozilla’s root certificates file. This file can be found in your Iguana resources directory: <working_directory>\resources\

The role of the CA certificate file is to help the client verify that the certificate presented by a server during a secure connection is trustworthy.

When Iguana connects to an external service over SSL/TLS (via the Client net.* APIs), the service presents a certificate to be verified. The cacert.pem file is used to check whether this certificate was issued by a trusted CA. If the certificate is signed by a CA listed in cacert.pem, the connection is considered secure.

Similar to the built-in certificate and private key files, this sample CA certificate file is helpful for initial testing and development, it is recommended to use a trusted CA certificate file in production environments to ensure the highest level of security and reliability.

For Production, we recommend using a Certificate Authority provided by a verified CA. Customizing your CA certificate file to include only the CAs your organization trusts ensures that only specific certificates are accepted, reducing security risks.

You can add a PEM format CA certificate to a certificate file by copying it from the Public Key Certificate supplied by your CA.

Related pages