10.3.4 Replacing an Existing Certificate with a new Self-Signed or CA-Signed Certificate
A self-signed certificate is created and installed during NNMi installation. You would typically replace a certificate in any of the following scenarios:
-
To use a new self-signed or CA-signed certificate instead of the default certificate.
-
To renew an expired certificate.
To replace a certificate, do the following:
-
Generate a self-signed certificate. For details, see 10.3.1 Generating a Self-Signed Certificate.
Or, if you organization requires the certificate to be signed by a CA, generate a CSR (Certificate Signing Request) file and obtain a CA signed certificate. For details, see 10.3.2 Generating a CA-Signed Certificate.
-
Test HTTPS access to the NNMi console using the following syntax:
https://<fully_qualified_domain_name>:<port_number>/nnm/.
If you have used CA-signed certificate and if the browser trusts the CA, it will trust the HTTPS connection to the NNMi console.
If you have used self-signed certificate, browser displays a warning message about the untrusted HTTPS connection to the NNMi Console.