To encrypt the system using SSL certificates, please contact your server administrator or provider. These must always be activated on the webserver.
SSL certificates have a limited validity period (e.g. 1 year). To prevent Xentral from being inaccessible via the browser due to an expired certificate, this should be updated in time by the server administrator. If a certificate has expired, the server administrator must create a new one.
This function is currently still under evaluation (as of 11/2016).
Use this option in the file:
/etc/apach2/apache2.conf Header always append X-Frame-Options SAMEORIGIN
Or for nginx
add_header X-Frame-Options SAMEORIGIN;
Then you have to restart the web servers, otherwise you will not be able to insert positions in documents.
With CryptoMagic for Xentral you can create SSL certificates, individually for each user accessing the system.
This way you can make sure that only a user who is allowed to manually assign a certificate can access Xentral at all.