Use an existing trusted SSL certificate for Mobility Print
KB Home | Use an existing trusted SSL certificate for Mobility Print
“Help! We get a certificate error when browsing to the web interface of our Mobility Print server! What should we do?”
About Mobility Print and Certificates
By default, the Mobility Print server will use a self-signed certificate. While the self-signed cert secures communication, using one means that users browsing to the Mobility Print Help Center on your server using HTTPS will see an untrusted certificate error.
(It’s important to point out that, generally, this isn’t a problem. Users aren’t exchanging their credentials with the Mobility Print server through the web interface, and admins can simply click through the certificate error to get to the login page of the server and the traffic will still be encrypted.)
If this worries you, however, there are two different solutions.
Consider sharing the link with your users instead to our Mobility Print Help Center which shows users how they can use Mobility Print on their devices. Our public page uses a trusted certificate that’s securely reachable over port 443.
It is also possible to install a custom certificate on your Mobility Print server, which allows admins and users to access the web interface of the server with HTTPS without facing a certificate error. See the steps below for details.
How to install an SSL Certificate on your Mobility Print Server
The certificate and private key used by the Mobility Print server for HTTPS connection are in PEM-encoded format. To use an existing trusted SSL key:
1. Export the existing certificate and key to PEM-encoded format.
2. Configure the Mobility Print server certificate.
Step 1: Separate the components of the certificate key bundle using PEM encoding for the key.
The process depends on the type of bundle you have. Also, hopefully, you documented the bundle’s import password once upon a time because you’re going to need it soon.
Step 2: Configure the Mobility Print server certificate
1. On the Mobility Print server, stop the PaperCut Mobility Print service.
2. Navigate to: C:\<Mobility Print install path>\data\. You’ll see the following:
tls.cer (certificate file)
tls.pem (private key file)
3. Make a backup of the current tls.cer and tls.pem by renaming them both to .old so you have a copy of the original files
4. Copy your extracted certificate and private key files to this folder.
5. Rename your certificate file to tls.cer and the private key file to tls.pem.
6. Start the PaperCut Mobility Print service .
7. Access the Mobility Print Admin interface using the Common Name (or Host Name) that you’ve specified in the certificate.
Still have questions?
Let us know! We’re definitely happy to chat about how Mobility Print works. Feel free to leave a comment below or visit our Support Portal for assistance. Also, check out the Mobility Print Help Center.
This release contains an updated Java version which no longer supports 32-bit workstations. If you have any 32-bit users launching the User Client or Release Station from a network share, see this Knowledge Base article for more information.