Examine or Modify the Lighthouse SSL Certificate

Lighthouse ships with a private SSL Certificate that encrypts communications between it and the browser. Most browsers display a warning message when first trying to access Lighthouse.

Note: If you plan to use the Lighthouse Multiple Instance feature, the certificate is used on all instances. In this case, we recommend using a wildcard certificate.

To view the current certificate, in the Settings Pane, select > SECURITY > HTTPS Certificate.

Use one of the following options to add a new certificate:

• Generate CSR for signing

• Upload existing certificate
  

Generate CSR for Signing

1. In the Settings Pane, select > SECURITY > HTTPS Certificate.

   The details of the CURRENT SSL CERTIFICATE display.
   

2. Click Add new certificate.
   The ADD NEW HTTPS CERTIFICATE dialog displays.
   

3. Set the Select Setup Method to Generate CSR for Signing.

4. Complete the following fields as required:

   • Enter the Common Name.

   • Click Add new SAN to enter any alternative names for which the certificate is valid.

   • Enter the Organizational Unit.

   • Enter the Organization.

   • Enter the Locality/City.

   • Enter the State/Province.

   • From the drop-down, select the Country.

   • Enter the Email.

   • From the drop-down, select the Key Length (bits).

   • Enter the Challenge Password.

   • Enter the Password Confirmation.

   • Under Private Key File, click Select file to navigate to and upload a private key file.

5. Click Generate CSR.
   The dialog closes and the Pending Request table displays on the HTTPS Certificate page with the details for the generated CSR.

6. In the Pending Request table, click Download current signing request to download the CSR file.

   Note: Until the certificate is signed and uploaded, you can also click Delete current signing request to delete the request. If there are no pending requests, the Pending Request table disappears.

7. Sign the certificate externally (through the appropriate tools, for example, OpenSSL).

8. Below the Pending Request table, under Certificate File, click Select file to navigate to and upload the signed certificate.

   Note: The signed certificate must be PEM format.

9. Click Apply.
   The new certificate replaces the previous certificate in the Current SSL Certificate table on the HTTPS Certificate page and the Pending Request table disappears.
   A message displays to inform you that a browser refresh is required.

10. Refresh your browser.
    This may require you to re-login to Lighthouse.

Upload Existing Certificate

1. In the Settings Pane, select > SECURITY > HTTPS Certificate.

   The details of the CURRENT SSL CERTIFICATE display.
   
   

2. Click Add new certificate.
   The ADD NEW HTTPS CERTIFICATE dialog displays.
   

3. Set the Select Setup Method to Upload Existing Certificate.

4. Complete the following fields as required:

   • Under Certificate File, click Select file to navigate to and upload an existing certificate.

     Note: The certificate file must be PEM format.

   • Under Private Key File, click Select file to navigate to and upload a private key file.

     Note: The private key file must be PEM format.

   • If the Private Key File is encrypted, enter the Challenge Password and the Password Confirmation.

5. Click Add Certificate.
   The dialog closes and the uploaded certificate replaces the previous certificate in the Current SSL Certificate table on the HTTPS Certificate page.
   A message displays to inform you that a browser refresh is required.

6. Refresh your browser.
   This may require you to re-login to Lighthouse.