For you to be able to change to your SSL certificate on the ITA server, it needs to be an Apache 2.x/PEM format certificate consisting of two files (*.key, *.crt).
It is best practice to disable access to the web clients before starting to update any certificates to ensure no client is connected with a false certificate.
If your setup includes a disaster recovery node and you need a certificate on it, upload certificates to the DR server in the same way as for a standalone server.
Preparing a certificate for upload
Password
A password protected key is not supported. Strip the password from the key before uploading it.
Intermediate or certificate bundle
If your certificate chain requires an intermediate certificate, append it to the .cert file. When appending, ensure you include everything, including the lines: "-----BEGIN CERTIFICATE-----" & "-----END CERTIFICATE-----" as there may be several lines for this intermediate certificate.
No users in the system during upload
The Apache HTTPD server will be reloaded during this process, so ensure no users are using the system during the upload.
Uploading a certificate
- Open the Webmin web interface by selecting Administration > Webmin in the IT Advisor web client.
Alternatively, type the address of your IT Advisor server in a web browser followed by :10000,<https://>:10000. - Log into Webmin using the user credentials created during the installation and in the left menu, select EcoStruxure IT Advisor.
- In the submenu, select Certificates.
- Follow the instructions on the page.
- Verify everything is working correctly by launching a web client and checking there's a green padlock icon in the address line.
