When you install TrueSight Capacity Optimization, an Apache web server is automatically installed, and a private key with a self-signed certificate is generated during installation. The web server is a part of the web application component of the Application Server.
To prevent certificate-related warnings while accessing the TrueSight Capacity Optimization from a browser, you must install a certificate that is signed by a Certification Authority (CA) into the web server. The certificate can be signed by an enterprise CA or a third-party CA.
After you install the CA-signed certificate, a trusted TLS communication is established between the browser and the web server.
Ensure that you have the CA-signed certificates and the private key. These files must be saved to the server directory where all the certificate and key files are available.
If you receive the domain-specific certificate (for example, myserver.crt) and intermediate certificate chain (for example, intermediate.crt) from a CA, concatenate the intermediate.crt to myserver.crt. For example, use the following command on a Linux system for concatenating certificates:
cat intermediate.crt >> myserver.crt
For more information about concatenating certificates, see the SSLCertificateFile directive at the website.
Rename the CA-signed certificate and private key with the same certificate and key file names that are defined in ssl.conf.
Log on to the host computer where the Application Server is installed.
Run the following command to restart the Apache web server.
The new URL to connect to TrueSight Capacity Optimization will be https://<HOSTNAME>/console.
To verify that a trusted connection is established with the web server, complete the following steps:
Open a new browser window, and type the URL to access the TrueSight Capacity Optimization console.
If the certificate is correctly applied, the secure symbol is displayed besides the https:// URL as shown in the following image:
If the browser still shows a warning about an insecure connection, verify that the trusted root certificate from the CA is available in the certificate store or the keystore of your browser.