Frequently Asked Questions
This article describes 3Dconnexion's approach to the creation of "3Dconnexion CA (auto-generated)" digital certificates.
Use of "auto-generated" Digital Certificate
Digital Certificate Installation and Safety
The "auto-generated" digital certificate is generated during the installation of the 3Dconnexion driver software for the device and saved to the system certificate store.
The following safety measures have been taken to ensure a secure operation of the software:
- Certificates are generated during the installation process: no certificate or private key are included in the installation package.
- The private key of the self-signed certificate "3Dconnexion CA (auto-generated)" is generated and destroyed during the installation process and is not saved.
- The "self-signed" certificate and respective private key are used to sign one and only one "server" certificate. Afterwards, the private key of the "self-signed" certificate is discarded precluding the use of the "self-signed" certificate to sign additional certificates.
- The "server" certificate is limited to a specific IP address in the loopback range (127/8), an address that is guaranteed to be accessible only by software running on the user's local machine.
- Only the self-signed (CA) certificate is saved to the system store.
- The certificate generation is carried out by software signed by 3Dconnexion.
On Windows, the certificate generation is part of the installation process of the "3Dconnexion Navigation Library Server" component.
How to delete
Uninstalling the 3Dconnexion software will delete the "self-signed" digital certificate from the system store. If using Firefox, the certificate can be manually deleted from the application "Options" menu > Advanced > Certificates > View Certificates, "Authorities" tab.
Please contact 3Dconnexion Customer Support for any enquires concerning the installation and use of "3Dconnexion CA (auto-generated)" digital certificates.