Installing a CA-signed SSL certificateΒΆ
As long as the system is set to use the self-signed SSL certificate created during the initial configuration process, browsers will return an untrusted certificate warning, which must be overriden to access the web interface.
To avoid this behavior, an SSL certificate that has been signed by an internal or commercial Certificate Authority (CA) will need to be installed:
Navigate to Configuration > Manage Certificate, click the Download CSR button, and then save the Certificate Signing Request to local storage.
Forward the CSR file to the CA for digital signing.
After receiving the Plixer Endpoint Analytics appliance certificate and the CA Bundle certificate in PEM format from the CA, copy the files to a location that can be accessed via the Plixer Endpoint Analytics web interface.
Return to the Manage Certificate page, and then click the Choose File button under SSL Certificate to browse to the appliance certificate file (.crt).
Still on the Manage Certificate page, click the Choose File button under CA Certificate to browse to the CA certificate file (.pem).
After both files have been selected, click Upload Certificate Files, and then wait for the confirmation that the files have been successfully uploaded.
To verify that the web interface is using the correct SSL certificate, use a browser to navigate to the login page using the FQDN specified in the CA-signed certificate. The browser should no longer return an untrusted certificate warning and the padlock icon in the address bar should be locked instead of open.