By default, the Orchestrator server uses a self-signed SSL certificate to communicate remotely with the Orchestrator client. Orchestrator also provides an SSL certificate that controls user access to Web views. You can change the SSL certificates, for example if your company security policy requires you to use its SSL certificates.

When you attempt to use Orchestrator over a trusted SSL Internet connection, and you open the Orchestrator configuration interface in a Web browser, you receive warnings that the connection is untrusted (in Mozilla Firefox) or that problems have been detected with the Web site’s security certificate (in Internet Explorer).

After you click Continue to this website (not recommended), even if you have imported the SSL certificate as a trusted store, you continue to see the Certificate Error red notification in the address bar of the Web browser. You can work with Orchestrator in the Web browser, but a third-party system might not work properly when attempting to access the API over HTTPS.

You can also receive a certificate warning when you start the Orchestrator client and attempt to connect to the Orchestrator server over an SSL connection.

You can resolve the problem by installing a certificate signed by a commercial certificate authority (CA) or by creating a certificate that matches your Orchestrator server name and then importing the certificate in your local keystore. To stop receiving a certificate warning from the Orchestrator client, add your root CA certificate to the Orchestrator keystore on the machine on which the Orchestrator client is installed.