Management Center (MC) uses the self-signed certificate on the management web interface by default. MC version 2.x and above supports creating keyring (private key), signing-request and importing signed certificate. It also support importing private key and signed certificate created offbox.
Note: commands presented on this article is applicable on 2.x and 3.x. For version 1.11.x or below, please see article TECH248505
With self-signed certificate the customer gets the browser error complaining about the untrusted certificate
All browsers come with a certificate trust store that has all public root Certificate Authorities (CA). Since Management Center default certificate is self-signed the customer can eliminate the browser untrusted certificate issue by using a certificate signed by their trusted CA.
Note: Suggest to create temporary keyring such as "sslkey" or any name you prefer. Once you understood the overall process of given steps below, you can easily overwrite the keyring and certificate named "default"
Creating keyring, signing-request and importing signed certificate 1 . On this example, we will use a temporary keyring named "sslkey".