Installing a CA signed and returned HTTPS certificate

Contributors netapp-manini

You can upload and install a security certificate after a Certificate Authority has signed and returned it. The file that you upload and install must be a signed version of the existing self-signed certificate. A CA-signed certificate helps prevent man-in-the middle attacks and provides better security protection than a self-signed certificate.

What you’ll need

You must have completed the following actions:

  • Downloaded the Certificate Signing Request file and had it signed by a Certificate Authority

  • Saved the certificate chain in PEM format

  • Included all certificates in the chain, from the Unified Manager server certificate to the root signing certificate, including any intermediate certificates present

You must have the Application Administrator role.

Note

If the validity of certificate for which a CSR was created is more than 397 days, then the validity will be reduced to 397 days by the CA before signing and returning the certificate

Steps
  1. In the left navigation pane, click General > HTTPS Certificate.

  2. Click Install HTTPS Certificate.

  3. In the dialog box that is displayed, click Choose file…​ to locate the file to upload.

  4. Select the file, and then click Install to install the file.

Example certificate chain

The following example shows how the certificate chain file might appear:

-----BEGIN CERTIFICATE-----
<*Server certificate*>
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
<*Intermediate certificate \#1 (if present)*>
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
<*Intermediate certificate \#2 (if present)*>
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
<*Root signing certificate*>
-----END CERTIFICATE-----