Install a Third-Party Signed Certificate

Install a third-party certificate to encrypt SSL/TLS traffic and eliminate the browser warning caused by a self-signed certificate.

• Verify the Library Has a Self-Signed Certificate
• Export Certificate Signing Request (CSR) File
• Obtain Required Certificates
• Import the Certificate File

Verify the Library Has a Self-Signed Certificate

Before installing a third party certificate, the library must have a self-signed certificate installed.

You cannot go directly from the default certificate to a third-party certificate. The library must have a self-signed certificate before installing a third-party signed certificate.

To install the self-signed certificate, see Generate a Self-Signed Certificate.

Export Certificate Signing Request (CSR) File

Export the file required to send to the certifying authority (CA).

1. Click Configuration in the left navigation area of the GUI.
2. Click the Certificate tab, and then click Export CSR .
3. Click Download.
4. Submit the CSR to the third-party certifying authority (CA).

Obtain Required Certificates

Ensure you have all the required information from the CA before importing the certificate.

Verify that you have obtained the following:

• Primary certificate of the trust anchor CA (such as VeriSign's public primary root CA)
• Intermediate certificate of the issuing SSL CA (optional). In cases where there is no intermediate issuer, you can omit the intermediate certificate. This is highly site-specific, so check with your company's security experts for requirements.
• Your newly issued SSL certificate

Import the Certificate File

Import the CA certificate file into the library to replace the self-signed certificate.

1. Click Configuration in the left navigation area of the GUI.
2. Click the Certificate tab, and then click Import Certificate .
3. Copy and paste each certificate file into the text box and click Next. To skip the intermediate certificate, leave the box blank and click Next.