Updated Lime CRM security level
Summary
At Lime we take security seriously and would therefore like to inform you that we will increase our security level a notch.
The next release of the Lime CRM Desktop client will only allow connections to Lime CRM servers with certificates that are signed by a certificate authority. End users will no longer be able to accept the warnings and connect to Lime CRM servers with self-signed certificates.
We do allow connecting to localhost
, 127.0.0.1
or everything else where Uri.IsLoopback = true
. That means that you can still access your local installations with self-signed certificates.
This release is planned for late August 2020, allowing you to verify your certificates.
Test your environment
To verify that the updated security level will function in your environment, please install Lime CRM Desktop 10.18.419 from here , and connect to your Lime CRM server.
Update your certificate
If you are not using valid certificates on your Lime CRM server, we strongly recommend that you update the certificate as soon as possible.
Use a TLS certificate issued by a trusted root certificate authority. The certificate must be located in the Windows Certificate Store (machine store) and have a private key that is marked as exportable. Certificates issued using a CNG cryptography provider (Microsoft specific) are not supported.
Instructions how to change the certificate can be found here
And as always, please contact your Lime contact person if you need any help.