Miscellaneous Procedures > Administering Security Certificates for HTTPS and SSH on the OnSite

Administering Security Certificates for HTTPS and SSH on the OnSite
Configuration of security certificates is required to support the security features in the following list:
Because HTTPS requires an SSL certificate to be installed in the web server, the OnSite automatically generates and installs its own self-signed certificate. The OnSite administrator needs to replace the automatically-generated self-signed certificate.
OpenSSH software included in the OnSite supports optional authentication of SSH connections through exchange of X.509 certificates. The OnSite administrator needs to configure support for exchange of X.509 certificates requires configuration
The following table lists the procedures included in this document for administering security certificates. See also publicly available OpenSSL and OpenSSH documentation for additional details.
Replace the automatically-generated certificate in the Web server with a new certificate generated with your organization’s identification.
Note: The replacement for the automatically-generated certificate is usually used as a placeholder while an official CA-signed certificate is being obtained.
Request, install, and configure a certificate from a CA (certificate authority)
OR
Create your own local CA and generate a local (less secure but more practical in some environments)
Note: How to create your own CA is outside of the scope of this document
Note: Installing and configuring a CA-signed certificate is required both for HTTPS and for the optional use of SSL authentication based on the exchange of certificates.

Miscellaneous Procedures > Administering Security Certificates for HTTPS and SSH on the OnSite