Re-applying certificates to an existing X.509 authenticator - BlueCat Integrity - 9.4.0

Address Manager Administration Guide

Locale
English
Product name
BlueCat Integrity
Version
9.4.0

If a new CA certificate is uploaded for the currently configured and in-use X.509 authenticator, you must re-apply the certificate in order to make it effective.

To re-apply certificates to an existing X.509 authenticator:

  1. Select the Administration tab. Tabs remember the page you last worked on, so select the tab again to ensure you're on the Administration page.
  2. Under User Management, click Secure Access.
  3. Click the X.509 Authenticators tab and click an existing X.509 authenticator > authenticator name menu and select Edit.
  4. Under X.509 Authenticator, click Choose File to upload a new CA certificate file.
    Note: You can edit other parameters while you are editing the X.509 authenticator. However, modifying the Primary or Secondary URL of the currently configured and in-use X.509 authenticator will take effect immediately once you edit and update the X.509 authenticator.
  5. Click Update.
  6. Select the Administration tab. Tabs remember the page you last worked on, so select the tab again to ensure you're on the Administration page.
  7. Under User Management, click Secure Access.
  8. Under General, select the X.509 authenticator you have modified with the new CA certificate from the X.509 Authenticator drop-down menu. You can leave other fields as is.
  9. Under Server Certificate Settings, select Custom > Reapply.
  10. Click Update. The Confirm Web Access Configuration opens.
  11. Under Confirm Configuration, verify your changes.
    Listed changes will include the IP address of the Address Manager server, HTTPS or HTTPS status (enable/disable), and certificate type.
  12. Click Yes. The Address Manager server will be temporarily unavailable as the changes are committed and the server restarts.

Result:

  1. Log in to Address Manager once the configuration is compete.
    Note: After modifying HTTP or HTTPS, your browser might warn you about an unknown or invalid certificate. This warning will cease once you accept the certificate and log in to Address Manager.
  2. From the certificate warning, proceed to the site. Depending on your browser, this might entail clicking a button or creating an exception.