How to setup and export SSL certificate from CV server to Robot server?

For security reasons, the UiPath Computer Vision Server uses the HTTPS protocol. A certificate needs to be added to the port in which the Computer Vision Server is hosted, which is, by default, 8051.

In order to use the CV service, a certificate is required for the HTTPS protocol. An official certificate can be used but for testing purposes, a self-signed certificate can be created directly on the machine.

For user environment deployments, certificate can be self - generated but for testing purposes. The following steps can be used for testing the machine,( where a Self-Signed certificate can be used)

1. Go to Windows Features (Search in the Turn Windows Features On or Off in the Start dialogue)
2. Search for Internet Information Services, check the option and hit OK

3. Open IIS
4. Go to Server Certificates

5. In Server Certificates, go to Create Self-Signed Certificate (right panel)

6. In The Certificate Creation Dialog, Specify a friendly name can be used to select Web Hosting

7. Go back to IIS
8. On the Left Panel, go to Machine Name -> Sites -> Default Web Site

9. Right Click on Default Web Site and select Edit Bindings

10. In the Site Bindings Screen, click Add

11. In the Add Site Binding Screen please select HTTPS as type, for port specify the port on which the server is set up (by default 8051) and in SSL certificate, select the one just created. Click OK

12. Open Manage Computer Certificates
13. Go to Trusted Root Certification Authorities -> Certificates

14. Make sure that the certificate that got created, is located here.

Using the CV service from outside of the CV server:

• If the service needs to be utilized from outside the domain of the server machine, a self signed certificate pointing to the DNS of the server machine must be used
• For the above purpose, use the following command in PowerShell:
  • $cert = New-SelfSignedCertificate -certstorelocation cert:\localmachine\my -dnsname [DNS Address] -FriendlyName [Name for certificate]
  • $path = [Required path for export]
  • Export-Certificate -Cert $cert -FilePath $path

The binding will need to be added for the created certificate, as listed below

1. Go to Windows Features (Search in the Turn Windows Features On or Off in the Start dialog)
2. Search for Internet Information Services, check the option and hit OK

3. Open IIS
4. On the Left Panel please go to Machine Name -> Sites -> Default Web Site

5. Right Click on Default Web Site and select Edit Bindings

6. In the Site Bindings Screen Click Add

7. In the Add Site Binding Screen, select https as type, for port specify the port on which the server is set up (by default 8051) and in SSL certificate please select the name given inside the script [Name for certificate]. Click OK
8. On the machine where the server needs to be used, copy or paste the certificate file and open the file
9. Click Open Install Certificate

10. Pick Local Machine
11. Check "Place all certificates in the following store" and select Trusted Root Certification Authorities.

12. Click on Next and then Finish.
13. Repeat steps 9 to 12 and install in Personal folder as well (Select personal in step 11 for certificate store).

The certificate shall now be successfully imported to Robot server.

Note: For Self-signed certificates, it is suggested to install in both Personal and Trusted Root Certificate Authorities folder of the Robot machine.