Generate an SSL/HTTPS key
During the install process, PaperCut NG generates a self-signed key/certificate issued for the host's machine name. This key is used by default when the system is accessed via HTTPS on port 9192.
The default SSL certificateSSL certificates are small data files that digitally bind a cryptographic key to an organization’s details, such as a company's domain name, your company name, your address, your city, your state and your country. When installed on a web server, it activates the padlock and the HTTPS protocol (over port 443) and allows secure connections from a web server to a browser. When a browser connects to a secure site it retrieves the site's SSL certificate and checks that it has not expired, it has been issued by a Certification Authority the browser trusts, and that it is being used by the website for which it has been issued. If it fails on any one of these checks the browser will display a warning to the end user letting them know that the site is not secured by SSL. SSL certificates can be either self-signed or CA signed. provides good security, however, users will be presented with the following warnings when they access the HTTPS site using a fully-qualified domain name:
- Domain mismatch
- The security certificate presented by this website was not issued by a trusted certificate authority
You can, however, eliminate these warnings to provide a smoother experience for the end users.
To avoid the:
- “Domain mismatch” warning—Customize the PaperCut NG self-signed certificateto use the machine's fully qualified domain name.
- “The security certificate presented by this website was not issued by a trusted certificate authority” and the “Domain mismatch” warning—Use a certificate signed by a trusted authority.
This is a technically complex area and there is an assumed level of experience with SSLSecure Sockets Layer (SSL) is the standard security technology for establishing an encrypted link between a web server and a browser. This link ensures that all data passed between the web server and browsers remain private and integral. The protocol uses a third party, a Certificate Authority (CA), to identify one end or both end of the transactions. To be able to create an SSL connection a web server requires an SSL certificate. When you choose to activate SSL on your web server you will be prompted to complete a number of questions about the identity of your website and your company. Your web server then creates two cryptographic keys - a Private Key and a Public Key. certificates in general.