Using genuine SSL certificates is good for security. It lets users know the device/host they’re connecting to is genuine, and prevents man-in-the-middle attacks. It also removes nasty warnings in the browser title bar.
On a workstation with OpenSSL installed, create a new key and certificate signing request:
openssl req -new -newkey rsa:2048 -nodes -out vma.csr -keyout vma.key
OpenSSL will write out a new private key, and then request answers to a few questions. Once done, submit the CSR to your Certificate Authority.
When the new certificate has been issued, save it in the same folder as the private key.
Create a PEM file on Windows using:
type vma.key vma.crt > server.pem
On Linux use:
cat vma.key vma.crt > server.pem
Using SFTP, login as vi-admin and upload server.pem.
SSH to the vMA appliance and login as vi-admin. Navigate to the correct folder:
Backup the existing certificate:
sudo mv server.pem server.pem.old
Move the new PEM file into place:
move /home/vi-admin/server.pem .
Restart the web server:
service vami-lighttp restart
You new certificate will now be in place.