This section describes single and multiple domain scenarios when installing IQ Bot and Control Room with various server certificates.

There are two main scenarios:
  • Installing IQ Bot and Control Room with wildcard server certificates (single domain).
  • Installing IQ Bot and Control Room with individual server certificates (different domains).
You can encrypt the communication between IQ Bot and Control Room by configuring Two-way (Mutual) SSL. The following steps explain how to configure this and can be achieved by exchanging the SSL certificates between IQ Bot and the Control Room.
Note: IQ Bot does not support self-signed certificate.

Prerequisite for single domain

If Control Room and IQ Bot are on a single domain, and we name the domain as DomainOne, the following certificate files are required:
  • PFX file:

    Ensure you have the DomainOne.pfx file. The file size is approximately 7/8 KB. One pfx file is required for a single domain.

  • CA Bundled certificate from the Enterprise Control Room (with all intermediate certificate information):

    Use any tool to create the bundle certificate, or you can use openssl to create CA/bundled certificate from DomainOne.pfx file.

    Use the following example command to create CA/Bundled certificate using openssl for DomainOne.pfx: 
    
openssl.exe pkcs12 -in "{DomainOne.pfx file location}" -cacerts -nokeys -chain -out "
{Outputlocation}\DomainOne_ControlRoom_CA.crt
    Note: You will need the Control Room bundle certificate for single or multiple domains.
  • Public certificates from IQ Bot and Control Room:

    Use any tool to create the public certificates or use openssl to create Public certificate from the DomainOne.pfx file.

    Use the following example command to create the Public certificate using openssl for DomainOne.pfx:
    
openssl.exe pkcs12 -in "{DomainOne.pfx file location}" -clcerts -nokeys -out
"{Outputlocation}\DomainOne_ControlRoom_PublicCertificate.crt
    Note: For a single domain, there will be one public certificate for both, IQ Bot and Control Room.

Prerequisite for multiple domains

If the Control Room and IQ Bot are on separate domains, and the domain names are DomainOne (Control Room) and DomainTwo (IQ Bot), the following certificate files are required:
  • Pfx file:

    Ensure you have the DomainOne.pfx and DomainTwo.pfx files. The file size is approximately 7/8 KB.

  • Public certificates from IQ Bot and Control Room:

    Use any tool to create the bundle certificate or use openssl to create Public certificate from DomainTwo.pfx file.

    Use the following example command to create the Public certificate using openssl for DomainTwo.pfx: 
    
openssl.exe pkcs12 -in "{DomainTwo.pfx file location}" -clcerts -nokeys -out
"{Outputlocation}\DomainTwo_IQBot_PublicCertificate.crt
    Note: : If you set up Control Room or IQ Bot with HTTPS, then configure IQ Bot with HTTPS before registering.