If a new CA certificate is uploaded for the currently configured and in-use X.509
authenticator, you must re-apply the certificate in order to make it effective.
To re-apply certificates to an existing X.509 authenticator:
-
Select the Administration tab. Tabs remember the
page you last worked on, so select the tab again to ensure you're on the
Administration page.
-
Under User Management, click Secure
Access.
-
Click the X.509 Authenticators tab and click an
existing X.509 authenticator > authenticator name menu and select
Edit.
-
Under X.509 Authenticator, click Choose
File to upload a new CA certificate file.
Note: You can edit other
parameters while you are editing the X.509 authenticator.
However, modifying the Primary or Secondary URL of the currently
configured and in-use X.509 authenticator will take effect
immediately once you edit and update the X.509
authenticator.
-
Click Update.
-
Select the Administration tab. Tabs remember the
page you last worked on, so select the tab again to ensure you're on the
Administration page.
-
Under User Management, click Secure
Access.
-
Under General, select the X.509 authenticator you have
modified with the new CA certificate from the X.509
Authenticator drop-down menu. You can leave other fields as
is.
-
Under Server Certificate Settings, select
Custom > Reapply.
-
Click Update. The Confirm Web Access
Configuration opens.
-
Under Confirm Configuration, verify your
changes.
Listed changes will include the IP address of the Address Manager
server, HTTPS or HTTPS status (enable/disable), and
certificate type.
-
Click Yes. The Address Manager server will
be temporarily unavailable as the changes are committed and the server
restarts.
Result:
- Log in to Address Manager once the configuration is compete.
Note: After modifying HTTP or
HTTPS, your browser might warn you about an unknown or invalid
certificate. This warning will cease once you accept the
certificate and log in to Address Manager.
- From the certificate warning, proceed to the site. Depending on your
browser, this might entail clicking a button or creating an exception.