Integrate SSL certificate

This section explains how to create a valid certificate for HTTPS support of the load balancer. The SSL certificate to be generated must be adapted to the load balancer host name in order to avoid client warnings, especially Web browser warnings, and to ensure proper functioning.

To use SSL you need a valid certificate by a certification authority for the server hosting the load balancer. Ensure that the certificate is compatible with the Java version used by the client.

The certificate consists of two parts: the private key (file extension .key) to unencrypt the information returned to the client, and the server certificate (file extension .crt). An example on generating these files is described in chapter PPM server.

Procedure

  1. Add both files to a ZIP file.
  2. Copy the ZIP file to a location where Cloud Controller can access it.
  3. Start Cloud Controller.
  4. Stop the load balancer in Cloud Controller.
  5. In Cloud Controller, enter the command enhance <instanceID of the load balancer component> with sslCertificate local file "<path to ZIP file>".

    If the load balancer instance ID is loadbalancer_m and your ZIP file is located at c:\temp\lbcert.zip, enter the command enhance loadbalancer_m with sslCertificate local file "c:\\temp\\lbcert.zip".

    Please note the use of double backslashes or single slashes, e.g.: "c:/temp/lbcert.zip".

  6. Restart the load balancer.

The SSL certificate is now available.