To install a certificate signed from a Certificate Authority you must obtain an SSL certificate from a CA and import it in your local keystore.
Make sure that you have generated a new SSL certificate.
(Optional) Create a certificate signing request by running the following command in the Java utility.
keytool -certreq -alias mySslCertificate -file certreq.csr \ -keystore <your_keystore_filename>
The utility generates a file called certreq.csr.
(Optional) Submit the certreq.csr file to a certificate authority, such as VeriSign or Thawte.
Procedures might vary from one CA to another, but they all require a valid proof of your identity.
The CA returns a certificate that you must import.
(Optional) Import the SSL certificate in your local keystore.
Download a root certificate from the CA that signed your certificate.
Import the root certificate in your keystore by running following command in the Java utility.
keytool -import -alias root -keystore <your_keystore_filename> \ -trustcacerts -file <filename_of_the_root_certificate>
Import the SSL certificate signed by the CA (the SSL certificate must be in X509 format).
keytool -import -alias mySslCertificate -keystore <your_keystore_filename> \ -trustcacerts -file <your_certificate_filename>
The SSL certificate is installed. You can change the Web views SSL certificate, the SSL certificate for the Orchestrator configuration interface, or the SSL certificate for the Orchestrator client.