Certificate authority (CA) files for the service to authenticate server certificates.
|
Value |
String. The path and filename of a CA X.509 certificate file in PEM format. If you have certificates from more than one CA, specify a comma-separated list (one file per CA). For the recommended path, see Copying certificates and keys. |
|
Default |
(empty) |
|
How to set |
In Management Station, set on the Krypton service. If not using Management Station, set in the Krypton configuration file (User-kryptonxx.yaml, seeConfiguration roadmap).
The filepath is relative to $KR_DATA_DIR/config. You cannot specify an absolute path. |
|
Usage |
Typically changed once, when setting up secure connections during the transition from development to production environments. See Securing connections with SSL/TLS. Valid when https : requestCert is true. |
Note: Most sites do not need to specify this property. By default (the property is empty), the service loads any trusted CA signing certificates already loaded on the host. This means that if you acquire Speech Suite certificates from an authority that is already loaded, it's not necessary to configure this property. (There's no problem if you specify the property unnecessarily, in which case you overwrite the default behavior.) If you acquire certificates from more than one authority, include every CA file.
