Generate a Certificate Signing Request Using the Operations Console
To replace a console certificate with a certificate by a third-party certificate authority (CA), you must generate a certificate signing request (CSR) and submit it to the CA. You may need to replace the console certificate for any of the following reasons:
Your network policy requires that you use certificates issues by another CA.
Your existing certificate is expired.
You submit a CSR to a CA to obtain a signed certificate. Use the Operations Console to generate a CSR.
Before you begin
You must be an Operations Console administrator.
Consult your CA to ensure that you have all of the required information for the CSR.
Procedure
In the Operations Console, click Deployment Configuration > Certificates > Console Certificate Management.
In the Console Certificate Management page, click Generate CSR.
In the Generate Certificate Signing Request page, under Certificate Basics, enter the requested information.
Depending on your CA, you are asked to supply some or all of the following information:
(Required) Alias. The name of this certificate. This name appears underAliason the Console Management page. Only a-z, A-Z, space, and comma characters are allowed.
Country Name. The country where your organization is located. The value supplied to your CA is the two-letter country code.
State or Province Name. The state or province where your organization is located.
City or Locality Name. The city or town where your organization is located.
Organization Name. The legal name of your organization.
Organizational Unit Name. The division of your organization that is ordering the certificate, for example, engineering, accounting, marketing, and so on.
E-mail Address. An official e-mail address for verification, for example, administrator@mycompany.com.
Subject Alternate Name. The Subject Alternate Name (SAN) allows you to protect multiple fully qualified domain names (FQDNs) with a single certificate. You can enter one or more FQDNs as comma-separated values, for example, authservices.corp.com,authexample.com. The default value is the FQDN used by the AM administrative consoles.
Key Size. The encryption key size, for example, 4096. The default value is 2048.
Click Generate File.
In the Download File page, click Download.
Follow the browser prompts to save the CSR file.
In the Download File page, click Done.
After you finish
Send the certificate request file to the CA for signing and save the signed certificate request file on your local machine.
Import the trusted root and signed certificates and activate them. See Import a Console Certificate.
Related Concepts
Related Articles
RSA Authentication Manager Operations Console fails to display virtual host certificates Number of Views Administration server with Operations Console service fails to start for RSA Authentication Manager 8.x Number of Views Importing an SSL console certificate PKCS#12 file to the RSA Authentication Manager 8.2 Operations Console fails with pass… Number of Views How to generate a Certificate Signing Request (CSR) with the Subject Alternative Name (SAN) field using openssl on RSA Aut… Number of Views Delete unwanted Certificate Signing Requests (CSR) from the RSA Authentication Manager Operations Console Certificate Mana… Number of Views
Trending Articles
How to download and install the AFX Server Archive in RSA Identity Governance & Lifecycle RSA MFA Agent 2.5 for Microsoft Windows Installation and Administration Guide The Template ({Connector Template Name}) has missing file content error when creating AFX Connectors in RSA Identity Gover… Downloading RSA Authentication Manager license files or RSA Software token seed records Troubleshooting RSA MFA Agent for Microsoft Windows
