Ensuring that the connection is trusted
For your configuration to function correctly, the IIS server's SSL root certificate must be trusted to establish secure communications between the server and the Pega Robot Runtime/Pega Robot Studio computer.
You can verify that the certificate is trusted by installing the SSL root certificate to the Trusted Root Certification Authorities store on the Pega Robot Runtime/Pega Robot Studio computer.
- On the AD FS server, open the SSL certificate.
- Click the certificate Path tab at the far right of the certificate.
- Choose the root authority certificate that is found in the certificate chain.
- In the Certificate window, click View certificate.
- Once the root authority certificate is in view, click Copy to file.
- Save the root authority certificate to a location on the server.
- Transfer the saved certificate to a Pega Robot Runtime (client) computer for installation.
- On the Pega Robot Runtime (client) computer, click Start > Run.
- Type mmc, and then click OK.
- In the Microsoft Management Console [Console] window, choose File > Add/Remove Snap-in.
- In the Add or Remove Snap-in window, select Certificates, and then click Add.
- In the Certificates snap-in window, select Computer Account or User Account,
and then click Next.
Note: You can install the certificate for all users of the computer through the computer account profile or by individual users using the user account profiles. You can install it on multiple computers or for multiple user accounts through the use of group policy.
- In the Select Computer window, select Local Computer, and then click Finish.
- In the Add or Remove Snap-in window, click OK.
- In the Console1 window, click the Plus icon (+) to expand the folder.
- Right-click Trusted Root Certification Authorities, mouse-over All Tasks, and then click Import.
- In the Certificate Import Wizard window, click Next.
- Click Browse to find the root certificate file that was transferred from the AD FS server.
- Choose the root certificate and click OK.
Result: You should now have a connection to the server that hosts AD FS version 2.0. Previous topic Setting up the relying party