Skip to Content
This is the latest documentation for BMC Helix Network Management (formerly known as Netreo).

 

Install your own SSL certificate

BMC Helix Network Management ships with a built-in self-signed certificate for use with SSL/TLS to make secure communications with it simple.

However, a fully signed certificate can be easily installed through the UI.

Navigate to the SSL/TLS Certificate Administration page (Administration > System > SSL/TLS Certificate Administration).

Certificate Admin.png

Then, follow the instructions below for the appropriate type of certificate you wish to install.

CA Signed Certificate

  1. Click the Generate a CSR button to open the certificate signing request form.
    CSR Form.png
  2. Fill out the form and click the Submit button. (BMC Helix Network Management can generate either a CN (Common Name) CSR or a SAN (Subject Alternative Name) CSR, depending on whether you use the optional SUBJECT ALTERNATIVE NAMES field when completing the request form.)
  3. A certificate signing request is generated. Copy the contents into a text document and send it to your chosen certificate authority. Be advised that there is no way to retrieve this text again once you have navigated away from this page, short of re-filling out the form.
    Generated CSR.png
    1. You can now navigate away from this page, or click the Return to SSL Certificate Administration button to complete another form.
    2. When you have received your certificate, return to the SSL/TLS Certificate Administration page to continue with the next step.
  4. Click the Install Certificate from generated CSR button.
    Install Cert from CSR.png
  5. Click the Browse button to locate your certificate file, and then click the Submit button.
    1. A message will appear that your new certificate is installed and that the Apache HTTP server is restarting.
    2. Do not refresh the page after clicking Submit.
  6. (Optional) If you want BMC Helix Network Management to automatically provide HTTPS redirection for users, click the HTTPS Redirection button.
    https redirection.png
    1. Enter the FQDN (or common name as seen on your certificate) of BMC Helix Network Management and click Submit. BMC Helix Network Management will restart the Apache HTTP server with HTTPS redirection.
    2. You should see a lock icon in the address bar of your browser, indicating that BMC Helix Network Management is now secure. Click this icon to see information about your newly installed certificate.
  7. You are now finished. See Troubleshooting below for help if you experience any problems.

Wildcard Certificate

  1. Click the Install Certificate and Key button.
    Install Cert and Key.png
    1. Click the Browse button to locate your certificate file.
    2. Click the Browse button to locate your key file.
    3. Click the Submit button.
      1. A message will appear that your new certificate is installed and that the Apache HTTP server is restarting.
      2. Do not refresh the page after clicking Submit.
  2. (Optional) If you want BMC Helix Network Management to automatically provide HTTPS redirection for users, click the HTTPS Redirection button.
    https redirection.png
    1. Enter the FQDN (or common name as seen on your certificate) of BMC Helix Network Management and click Submit. BMC Helix Network Management will restart the Apache HTTP server with HTTPS redirection.
    2. You should see a lock icon in the address bar of your browser, indicating that BMC Helix Network Management is now secure. Click this icon to see information about your newly installed certificate.
  3. You are now finished. See Troubleshooting below for help if you experience any problems.

Other Certificate Types

Installation of certificate types other than self-signed and wildcard single certificates is not supported through the BMC Helix Network Management UI.

To install certificate chains or certificates with Subject Alternative Name (SAN) values, contact BMC Helix support. Our support engineers will be happy to install those certificate types in BMC Helix Network Management for you.

Troubleshooting

If, after installing your certificate, you experience any unexpected behavior—such as your browser not showing BMC Helix Network Management as secure after installing a certificate—try clicking the Restart HTTP Server button on the SSL/TLS Certificate Administration page. This will immediately restart BMC Helix Network Management's Apache HTTP server, which often solves minor issues.

 

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*

BMC Helix Network Management