Install an HTTPS certificate for secure access
By default, BlueXP uses a self-signed certificate for HTTPS access to the web console. If required by your business, you can install a certificate signed by a certificate authority (CA), which provides better security protection than a self-signed certificate.
Before you begin
You need to create a Connector before you can change BlueXP settings. Learn how.
Install an HTTPS certificate
Install a certificate signed by a CA for secure access.
-
In the upper right of the BlueXP console, select the Settings icon, and select HTTPS Setup.
-
In the HTTPS Setup page, install a certificate by generating a certificate signing request (CSR) or by installing your own CA-signed certificate:
Option Description Generate a CSR
-
Enter the host name or DNS of the Connector host (its Common Name), and then select Generate CSR.
BlueXP displays a certificate signing request.
-
Use the CSR to submit an SSL certificate request to a CA.
The certificate must use the Privacy Enhanced Mail (PEM) Base-64 encoded X.509 format.
-
Upload the certificate file and then select Install.
Install your own CA-signed certificate
-
Select Install CA-signed certificate.
-
Load both the certificate file and the private key and then select Install.
The certificate must use the Privacy Enhanced Mail (PEM) Base-64 encoded X.509 format.
-
BlueXP now uses the CA-signed certificate to provide secure HTTPS access. The following image shows a BlueXP account that is configured for secure access:
Renew the BlueXP HTTPS certificate
You should renew the BlueXP HTTPS certificate before it expires to ensure secure access to the BlueXP console. If you don't renew the certificate before it expires, a warning appears when users access the web console using HTTPS.
-
In the upper right of the BlueXP console, select the Settings icon, and select HTTPS Setup.
Details about the BlueXP certificate displays, including the expiration date.
-
Select Change Certificate and follow the steps to generate a CSR or install your own CA-signed certificate.
BlueXP uses the new CA-signed certificate to provide secure HTTPS access.