When connecting to the Reporter in the browser over HTTPS we wish to have our own signed certificate displayed rather than the default self-signed certificate.

Prerequisites:

• Signed certificate with Server authentication extension in PEM format
• Private key in PEM format

To change the certificate used by the Reporter for the HTTPS web server we will need to establish a connection over port 22 (SSH). Once connected we'll use the following commands below to replace the private key:

1. enable
2. configure
3. ssl
4. inline keyring default showable yes
5. PASTE KEY
6. Ctrl+D
7. inline certificate default
8. PASTE CERTIFICATE
9. Ctrl+D
10. exit

Refresh the browser and now you'll see the new certificate.

The "inline keyring default showable" command is used to replace the private key that is stored on the appliance in the default keyring. The "showable" option specifics if it will be possible to view the private key after importing it on the Reporter appliance. If we wish to make this not shown (will not be possible to view afterwards) then we would exclude the "showable" option (i.e. inline keyring default). The private key will need to be in a PEM format and not password protected as we do not support specifying password when importing private keys.

The "inline certificate default" command is used to replace the certificate that is stored on the appliance in the default certificate store. The certificate will need to be in PEM format as well.