Get started
Installing a CA signed and returned HTTPS certificate
Suggest changes
-
PDF of this doc site
-
Online help
-
Monitor and manage cluster performance
-
Monitor and manage cluster health
-
Collection of separate PDF docs
Creating your file...
You can upload and install a security certificate after a Certificate Authority has signed and returned it. The file that you upload and install must be a signed version of the existing self-signed certificate. A CA-signed certificate helps prevent man-in-the middle attacks and provides better security protection than a self-signed certificate.
Before you begin
You must have completed the following actions:
-
Downloaded the Certificate Signing Request file and had it signed by a Certificate Authority
-
Saved the certificate chain in PEM format
-
Included all certificates in the chain, from the Unified Manager server certificate to the root signing certificate, including any intermediate certificates present
You must have the Application Administrator role.
About this task
|
If the validity of certificate for which a CSR was created is more than 397 days, then the validity will be reduced to 397 days by the CA before signing and returning the certificate |
Steps
-
In the left navigation pane, click General > HTTPS Certificate.
-
Click Install HTTPS Certificate.
-
In the dialog box that is displayed, click Choose file… to locate the file to upload.
-
Select the file, and then click Install to install the file.
For information, see Installing a HTTPS certificate generated using external tools
Example certificate chain
The following example shows how the certificate chain file might appear:
-----BEGIN CERTIFICATE----- <*Server certificate*> -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- <*Intermediate certificate \#1 \(if present\)*> -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- <*Intermediate certificate \#2 \(if present\)*> -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- <*Root signing certificate*> -----END CERTIFICATE-----