Installing an SSL cert

June 19, 2008

this should be simple… then again – nothing is ever as simple as it should be.

First you need a certificate authority file from the vendor of your certificate – You need a CA file for each server you want to access through https.

To upload these CA files, go the the Administration Section of the admin console > Certificate Authorities > and browse to the file. Also, these files must be in the supported .pem format, if not they will need to be decrypted… use openssl to do this.

So…. all of the CA files are in place on the Google box.

Next, go to the SSL Settings section > Install an SSL Certificate, browse to find your cert and private key (in .pem format)

Click the View Certificate Info button – and this should display the new cert info.

If you’re ready to install the cert, click the ‘Install SSL Certificate’ button – how simple is that. (By the way, this will restart the appliance.) If all that works – you’ll log in again – test the appliance by running some queries for secure content, if you don’t get any prompts to enter credentials, etc then the cert should be good.

Let’s take a step back though… what if after you browse to find your cert and .pem file, click view cert info, the page refreshes, but nothing has changed… well – that is a good question. First thing to check is, are your certificate authorities installed? In my case – Yes.

So what next – the cert file seems to be ok, the private key seems to be ok, it’s in the proper format.

What next? Good question – still working on that.

Nothing is ever as simple as it should be.

Posted in Enterprise Search, Google, Google Search Appliance | Leave a Comment »

Leave a Reply