Requesting a Certificate from a Certificate Authority
To encrypt HTTPS Web Reports with a certificate that browsers implicitly trust, request a signed certificate from a trusted Certificate Authority (or CA) such as Verisign as follows.
- Create a Certificate Signing Request (csr)
- Forward the
.csr
file to a Certificate Authority (CA). They will issue you a signed (browser-trusted) certificate for your server. Request the certificate as a.pem
file that includes the entire trust chain.Important: The following steps explain how to combine the private key file with the signed certificate file for convenience in later configuration steps. If you prefer, you can use them separately and skip the following steps.Note: You can use a key pair generated for BigFix Inventory and License Metric Tool also for Web Reports only if the private key is not password protected.
- After you have received the signed certificate file, DO NOT import it to any Microsoft default certificate handling facilities.
- Open the private key file from which you removed the password (
nopwdkey.pem
), and copy its content to the clipboard. - Open the signed certificate file with Notepad++, or another text editor.
- Append the content copied in step 4 to the signed certificate file. This is an example of the
resulting content:
where-----BEGIN CERTIFICATE----- ... -----END CERTIFICATE----- -----BEGIN RSA PRIVATE KEY----- ... -----END RSA PRIVATE KEY-----
...
represents any text. - Save the modified
.pem
file containing the public certificate and private key. - Store this file on your server and refer to it when setting up your Web Reports.