When MF Directory Server is configured to use encrypted connections, it can also be configured to use custom certificates. If these are not used, the default DemoCA root certificate, server certificate, keyfile and passphrase that are installed with the product will be used.
For production purposes, it is recommended that the default certificates are not used, and that the customer's own certificates are specified. In addition, the MF_ROOT_CERT environment variable will need to be set so that the MF Directory Server process and any client applications (such as casstart and casstop) can pick up the value of the root certificate file. For example, MF_ROOT_CERT=c:\mycerts\CARootcert.pem.