Concept
Server Certificate Workflow
Use this workflow to purchase, convert and install server certificates.
Related information can be found in the sections after the flowchart.
You must configure the DNS name for the BMS server to prevent the certificate from being locked down to a specific IP.
Download and install OpenSSL.
OpenSSL is a software library for applications that secure communications over computer networks against eavesdropping or need to identify the party at the other end.
OpenSSL is used when you generate a Certificate Signing Request (CSR). OpenSSL is also used when converting CRT or CER files to PEM files.
Before you can order an SSL Certificate, you will need to generate a CSR if you want to generate your private key yourself.
The CSR contains information, for example, common name, organization, and country, that the Certificate Authority (CA) will use to create your certificate. It CSR also contains the public key that will be included in your certificate and is signed with the corresponding private key.
For more information, see Generating a Certificate Signing Request (CSR) .
Purchase SSL certificate through a certificate authority. Provide the created CSR to the certificate authority.
You then receive the certificate in CRT, CER or PEM format.
BMS only supports PEM format. You must convert all CRT or CER files to PEM.
For more information, see Converting CRT or CER files .
Add the certificate to the BMS server.
For more information, see Adding a Certificate .
Verify that the connection to WebStation is secure by accessing the BMS server via HTTPS.
Certificates
Generating a Certificate Signing Request (CSR)
Converting CRT or CER files