Synthetic Web Apps gateway

Integrated web service hosting for individuals, private groups, and businesses

Any web services provided by Synthetic Web Apps which are validated by private SSL certificates can be trusted en masse for your hosting account simply by importing the Certificate Authority (CA, or "signing") certificate for the site in question and trusting it in the CA role. For example, let's say you're part of Acme, Inc. and Acme uses the Synthetic Web Apps solution to host all of its internal and public domains like acme.com, intranet.acme.com, acme.email, and acme-vendors.net. All of Acme's domains and sites hosted in this way have SSL certificates validated by a specially managed private CA created and maintained exclusively for Acme, Inc. If you configure your system(s) to trust this private CA, your access to all of Acme's sites will be properly validated.

To locate the appropriate signing (CA) certificate for a given site hosted here, just navigate your browser to the ca.crt file at the top of your Synthetic hosted domain, as in: http://example.com/ca.crt . (Try it for this website!)

While operating systems in general (Linux, Windows, Mac) are typically able to import and establish trust of these CA certificates, in fact each browser tends to only trust certificates established through each its own specific import mechanism. Instructions are provided below for establishing the necessary trust in a few popular browser scenarios.

To trust any Certificate Authority's signing certificate:

Google Chrome or Chromium

  1. Download the certificate you would like to trust as a CA to a known location and name.
  2. Open the Settings (Preferences) panel within Chrome.
  3. Click on the "Show advanced settings..." link at the bottom of the normal preferences page.
  4. Find the section called "HTTPS/SSL" and click the "Manage certificates..." button there.
  5. Select the Authorities tab, then click the Import... button.
  6. Locate the certificate file you downloaded and select it.
  7. Enable signing roles you would like to trust. We recommend selecting all 3 of them (websites, email, and apps).
  8. Click OK, and if the certificate you selected is a valid Root CA, it will become a trusted authority.

On iOS 8+ with Safari

  1. From an ordinary computer like Linux, Mac, or Windows, download the certificate you would like to trust as a CA to a known location and name.
  2. Email the certificate as an attachment to an email account which you access from your iOS device. It's OK if the account is the same as you're sending from.
  3. On your iOS device, open this email and click on the attached certificate file.
  4. Follow the wizard, and be sure to visually confirm (by examining the details as able) that the certificate you're accepting is indeed the one you want to trust.

Mozilla Firefox

  1. Access the certificate file directly through your browser's address bar, bookmark, link, etc.
  2. The import wizard for the certificate should automatically pop up.
  3. Enable signing roles you would like to trust. We recommend selecting all 3 of them (websites, email, and apps).
  4. Click OK, and if the certificate you selected is a valid Root CA, it will become a trusted authority.

Trusting a CA certificate in this way does not present a security risk to the organization. For example, if you were to lose your iPhone on which you had configured this trust, no harm would come to your sites as a result.

© 2015 Lifetoward LLC