Creating a Grid-signed SSL certificate

At some point the existing SSL certificates will expire, or the files are damaged or compromised and must be changed. This function substitutes the existing SSL certificate for a host with a new Grid-signed SSL certificate. If an SSL certificate signed by an external CA is used, instead submit a new certificate signing request (CSR) to that CA.

  1. Start the Grid Configuration Manager and select Security > Certificates.
  2. Identify the Grid Host to create an SSL certificate for and click the Manage Certificates link.
  3. Click on Create Grid Signed SSL certificate. If you are using an SSL certificate signed by an external CA, a warning message that you must respond to is displayed.
  4. Specify the information about the certificate.Host FQDN (CN). Ensure Host FQDN matches the grid host name.

    Ensure these fields are filled in as expected by your certificate signing service:

    • Organization Unit (OU)

    • Organization (O)

    • Locality Name (L)

    • State or Province (ST)

    • Country (C)

    Alternative Names

    If you plan to use aliases or load balancers, add these names as alternative names.

  5. Click Create certificate.
  6. After a short process the new SSL certificate is displayed in the Certificate Management page for the Host.