====== Updated Lime CRM security level ======

===== Summary ===== 
At Lime we take security seriously and would therefore like to inform you that we will increase our security level a notch. 

The next release of the Lime CRM Desktop client will only allow connections to Lime CRM servers with certificates that are signed by a certificate authority. End users will no longer be able to accept the warnings and connect to Lime CRM servers with self-signed certificates.

We do allow connecting to ''localhost'', ''127.0.0.1'' or everything else where ''Uri.IsLoopback = true''. That means that you can still access your local installations with self-signed certificates. 

This release is planned for late August 2020, allowing you to verify your certificates.  

===== Test your environment ===== 
To verify that the updated security level will function in your environment, please install Lime CRM Desktop 10.18.419 from [[https://builds.lundalogik.com/api/v1/builds/limecrm-desktop/versions/10.18.419/file|here]] , and connect to your Lime CRM server.  

===== Update your certificate ===== 

If you are not using valid certificates on your Lime CRM server, we strongly recommend that you update the certificate as soon as possible. 

Use a TLS certificate issued by a trusted root certificate authority. The certificate must be located in the Windows Certificate Store (machine store) and have a private key that is marked as exportable. Certificates issued using a CNG cryptography provider (Microsoft specific) are not supported.

Instructions how to change the certificate can be found [[https://docs.lime-crm.com/configuration/webserver#change-the-httpsssl-certificate|here]]

And as always, please contact your Lime contact person if you need any help.