Skip to Content

Default language.

Information
Important This documentation space contains information about the SaaS version of BMC Helix Discovery. If you are using the on-premises version of BMC Helix Discovery, see BMC Helix Discovery 25.2 (On-Premises).

Managing custom certificate authorities

Managing custom certificate authorities (CAs) enables you to add your own trusted CAs to the system. In environments where certificates are valid only within your organization, public certificate validation fails because the certificate chain does not link to public root certificates, even though the certificate itself is trusted internally.

Custom certificate authorities are only used by credential brokers.

Related topics

Integrating with credential brokers

To add a custom root certificate

 
You add custom certificate authorities in the BMC Discovery Outpost.

Custom root certificates are added as .pem files. To add a custom certificate:

  1. From the BMC Discovery Outpost main menu, click Manage > Certificate Authorities.
    The Certificate Authorities screen is displayed:
    add-cert.png

  2. Click Add Certificate Authority.
    The Add Certificate Authority screen is displayed:
    Add-cert-filled.png
  3. Enter the following information:
    • Certificate label—A label for the certificate. If you do not enter one, the certificate subject is used.
    • Certificate description—A free text description of the label.
  4. Attach the .pem file, click Attach file, and use the system file browser to locate the certificate authority file.
  5. Click Apply.
    The certificate is added:
    cert-added.png

Managing custom root certificates

To manage your certificates, use the Actions menu. The Actions menu has the following options:

  • Edit 
    • Edit the certificate label or description.
    • Attach a new certificate by using Attach file.
  • Delete to remove the certificate.
  • Click Details to view detailed information about the certificate. The following information is taken from the data you entered, or from the certificate:
    • Label
    • Description
    • Subject
    • Self Signed
    • Expired
    • Issuer
  • The following information is provided about the use of the certificate:
    • In Use
    • Valid Until
    • Valid After
    • Created 
    • Modified 

Reordering multiple certificates

Unless you specify a particular certificate in the credential broker that you are using, certificates are tried in the order that they are displayed in the Certificate Authorities screen. Reorder the certificates by dragging them into the order that you require.

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*

BMC Helix Discovery (SaaS)