Generate private key for new SSL certificate

By default, SSL is disabled. You can generate a private key to enable SSL after you generate a new certificate. You can use a valid self-signed certificate if you have a private key or a PKCS-12 file, and the private key and certificate were generated from the same Certificate Signing Request (CSR).

Export your appliance components to a different location and enable SSH in case there is an error that might require the appliance to stop the key generation.

1.	On the left navigation pane, click Settings > Control Panel to display the Control Panel, then click Security to display the Security Settings page.

2.	Click Enable SSL to use a new certificate or a valid self-signed SSL certificate. Note that Quest KACE does not recommend using a self-signed certificate.

◦	Generate a new SSL certificate:

1.	Click Get New SSL Certificate to display the SDA Advanced SSL Settings wizard.

2.	Fill in the fields to generate a CSR.

3.	Download the private key and save the key in a safe place to use to enable SSL when you get a valid certificate from your Certificate Signing Authority.

4.	Copy or download the generated CSR and send it to your Certificate Signing Authority.

◦	Use a self-signed certificate:

▪	Click Can I use a self-signed certificate instead?, then click Save and Restart Apache.