VIP uses certificates to secure communication between third-party integrations, custom applications, and VIP cloud services. VIP Manager can automatically create a private key when a certificate is requested. The certificate should be downloaded in PKCS#12 (PFX) format for use with the VIP Enterprise Gateway and applications that use VIP web service APIs. PEM format is also available for applications that require this format.
Follow these steps to request and download the VIP certificate:
From the VIP Manager Dashboard, select Account, then click Manage VIP Certificates in the Links pane on the right side of the page.
On the Manage VIP Certificates page, click Request a Certificate.
Read the instructions on the Certificate Instructions page, and click Continue.
Type a name for the certificate in the Certificate Name field. You may want to include an identifier like "VIP" in the name so that you'll remember that this is the certificate you use to access VIP Services.
Read the text in the Important Service Requirements area, and click Submit Request.
Once the certificate request has been approved, select the required file format and set a password to secure the file. This password will be needed later to install the certificate.
Click Download Certificate and save the VIP certificate to a safe location.
Install a new VIP certificate on the VIP Enterprise Gateway
Once the VIP certificate has been downloaded, login to the VIP Enterprise Gateway console and do the following:
Click on the Settings tab from the top navigation bar.
Select VIP Certificate from the list of links in the left column.
Click Add VIP Certificate.
Select the file that was downloaded from the VIP Manager using the same password.
Give the certificate an alias. This is simply a way to identify the certificate.
Once the VIP certificate is successfully imported, the list of currently installed VIP certificates will be displayed. Locate the new certificate in the list and click Use this Key from the Action column to switch to the new certificate.
Once the new certificate is enabled, a prompt will be displayed to restart any services currently running that are using the previous VIP certificate such as LDAP sync, validation servers, the Self Service Portal, and Manager IdP.
Note: The simplest way to determine which services require a restart is to click on the Home tab from the top navigation bar, and to check under the Validation tab. Those services that require a restart will be so noted.
Imported Document ID: SO14737
Subscribing will provide email updates when this Article is updated. Login is required.