Managing authorizations
12.3.2.2
Creating and enabling a new self-signed SSL certificate
The preinstalled standard certificate contains data which is naturally not customer-specific.
If you want to work with a certificate with customer-specific data, you can at any time create
and use such a certificate. This action can also be necessary when you want to renew a
certificate.
i
In the tree structure select Authorizations → Certificates [→ <mu-name> (MU)].
Ê
In the Current SSL certificate group, click Create and enable new SSL certificate.
Ê
The Create and enable SSL certificate dialog box opens.
Make the necessary entries. Detailed information on the entries is provided in the SE
Ê
Manager help.
Click Create and enable.
Ê
The certificate is created, activated immediately and displayed as the current certificate.
12.3.2.3
Requesting an SSL certificate
i
U41855-J-Z125-3-76
Notes:
When a certificate is activated, the web server is also automatically rebooted.
●
As the web browser does not know how trustworthy the new certificate is, like
●
the standard certificate it must be explicitly accepted or imported (see the
section "Confirming/importing a certificate in the web browser" on page
Any existing request is overwritten.
For the following reasons you should not perform reinstallation or change the host
name between requesting an SSL certificate (creation of the certificate signing
request) and entering the signed certificate into the system:
–
When the certificate signing request is created, it is linked to the system's
standard SSL key. If this key is changed in the system in the time between the
certificate signing request being created and the signed certificate being
entered in the system, the certificate cannot be used.
–
A new standard SSL key is created when reinstallation takes place or when the
host name is changed.
Certificates
314).
319