Server Certificate

When you first install the BMC AMI Ops Console Management, a self-signed certificate is generated. You require a signed certificate provided to you by your enterprise's certificate authority. This certificate is generated with default values, so you need to create a new self-signed certificate with values appropriate for your environment.

Related topics

Using-the-Configurations


On the Server certificate page, you can perform the following actions:

  • Click Create New Self Signed Certificate to request a signed certificate for your system with values appropriate for your environment. For more information, see Creating a New Self Signed Certificate.
  • Click Download Certificate Request to generate a certificate signing request (CSR), which must be signed by the certificate authority in your company.
  • After you receive the certificate from the certificate authority, click Upload Signed Certificate to install the certificate on the system. For more information, see Uploading Server Certificate file(s).

If your current signed certificate expires or is about to expire, you can follow the above procedure.

Creating a New Self Signed Certificate

Click +Create New Self Signed Certificate to create a self-signed certificate.

  1. Click Create to generate a new certificate.The new certificate uses the values supplied in the text field for the common name.

    Important

    The new certificate contains the current host name as a default name. You can change this to the IP address or the name that is used to access the 

    BMC AMI Ops Console Management

     unit.

  2. In the Create a Certificate window, enter the values per your specification. For more information, see the table below.

  3. Click Save to generate and save the self-signed certificate.

    Important

    The new certificate is not used until the BMC AMI Ops Console Management web server is restarted either by rebooting the BMC AMI Ops Console Management box, or manually restarting Tomcat using a Putty (or SSH) session to the BMC AMI Ops Console Management box.

The following table describes the UI features in the Create a Certificate window: 

UI feature

Description

Host Name

(Required) Enter the name of the host machine for which you are creating the certificate.

Organization Name

Enter the organization's name (corporation, limited partnership, university, or government agency), which must be registered with some authority at the national, state, or city level. Use the legal name under which your organization is registered.

Company Name

Enter the name of the company for which you are creating the certificate.

City

Enter the name of the city where your company is located.

State

Enter the state name or code where your company is located.

Country

Enter the 2-character ISO format country code.

For example, GB is the valid country code for Great Britain, and US is the valid code for the United States.

Algorithm

Select the algorithm you want to use to create the certificate. This algorithm adds additional security.

Key Size

Enter the key size of the algorithm you have selected for the certificate.

Key size is enabled after you select the algorithm, all possible key sizes are shown as per the algorithm selected.

 Uploading Server Certificate files

You can upload one or more signed certificate files to the server and apply them.

Important

The certificate authority can provide the required signed certificate files for uploading.

Click Upload Signed Certificate to upload the signed certificate. In the Upload Server Certificate window, you can attach the following certificate file types: .cer, .pem, .p7b, .p12, .pfx, and .zip.

 After you select the files (and provide a password if required) and click on the Upload button, certificate details are displayed for you to review.

You can review the uploaded certificate details and click on the Commit button to save the changes and apply them to the server. Restart the servers for the certificate to take effect.

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*