Use this workflow to purchase, convert and install server certificates.
Related information can be found in the sections after the flowchart.
action_zoom_plus_stroke
Figure :
Server certificate workflow
Configure the DNS name for the BMS server
You must configure the DNS name for the BMS server to prevent the certificate from being locked down to a specific IP.
Install OpenSSL
Download and install OpenSSL.
OpenSSL is a software library for applications that secure communications over computer networks against eavesdropping or need to identify the party at the other end.
OpenSSL is used when you generate a Certificate Signing Request (CSR). OpenSSL is also used when converting CRT or CER files to PEM files.
Generate a Certificate Signing Request (CSR)
Before you can order an SSL Certificate, you will need to generate a CSR if you want to generate your private key yourself.
The CSR contains information, for example, common name, organization, and country, that the Certificate Authority (CA) will use to create your certificate. It CSR also contains the public key that will be included in your certificate and is signed with the corresponding private key.
Pour plus d'informations, voir Generating a Certificate Signing Request (CSR)
.
Purchase the CA certificate
Purchase SSL certificate through a certificate authority. Provide the created CSR to the certificate authority.
You then receive the certificate in CRT, CER or PEM format.
Convert CRT or CER files to PEM files
BMS only supports PEM format. You must convert all CRT or CER files to PEM.
Pour plus d'informations, voir Converting CRT or CER files
.
Add the Certificate
Add the certificate to the BMS server.
Pour plus d'informations, voir Adding a Certificate
.
Verify the Connection
Verify that the connection to WebStation is secure by accessing the BMS server via HTTPS.