Allow installer to (optionally) bypass Certificate checks
In nearly all installations in the last three years we have restrictions on the servers where we need to install the SSL certificates, that make it impossible to verify the validity (e.g. no access to revocation servers).
The certificate is accepted by clients as those have different authorisations.
I would like to optionally bypass the certificate checks in the PI Web API Configuration utility to allow using certificates that cannot be validated. This will save a lot of time to bypass the utility and manually remove and bind a certificate.
This functionality is currently in development for the PI Vision 2020 release.
On a clean install, the setup kit will create a self-signed certificate, and apply it to the target IIS web site where PI Vision is being installed. On upgrade, where the previous version already had a certificate set for the PI Vision site, that certificate is used for the new version’s PI Vision web site.
Roger Palmen commented
PS: This applies both to PI Vision and PI Web API installers if both use the same rules to check the certificate.