Importing third-party certificates
Users with the Developer role can import third-party certificates. To provide trusted and secure communication over HTTPS for your site, you must add SSL certificates into your IBM Cloud® environments.
The third-party certificates are provided and certified by a trustworthy third-party certificate authority (CA). The issuance of these certificates through a trusted third-party automatically ensures the security of your site without the need for a riskier trust arrangement.
It is recommended that you provide the intermediate certificate and root certificate so that the application has a complete list of trust in the truststore. For client certificates, you can also use the trust chain to identify which certificate to use.
For more information about certificates, see Adding outbound certificates.
Before you begin
-BEGIN CERTIFICATE--END CERTIFICATE-- Open the remote website.
- In the URL, select the . A page opens that displays more information.
- Click View Certificate. The Certificate page
opens.
You can view the certificate details in the order of leaf, intermediate, and root. For example, if www.ibm.com is the leaf, DigiCert TLS RSA SHA 356 2020 CA1 is the intermediate certificate, and DigiCert Global Root CA is the root certificate.
- Download the intermediate or root certificates.
- Click the intermediate (DigiCert TLS RSA SHA 356 2020 CA1) or root (DigiCert Global Root CA) certificate tab.
- Under Miscellaneous, against Download click PEM(cert).
Ensure that you transfer the SSL certificates to the drop server. For more information, see Transfer SSL certificates to the drop server.
Procedure
Importing an SSL certificate
-
Log in to Self Service.
The Environment Dashboard is displayed.
- Click the environment name for the environment where you want to import trusted SSL certificates.
- Click the Processes tab.
- Click Start process.
- Start the Import third-party certificates process.