Self-Signed Certificates, Base 3.3.2 and Later

Note: This video applies to Bomgar Appliances running Base 3.3.2 and later. For Bomgar Appliances running appliance software prior to Base 3.3.2, see Self-Signed Certificates – Basic Configuration Prior to Base 3.3.2 or Self-Signed Certificates – Advanced Configuration Prior to Base 3.3.2. To verify your version of Base, log into your /appliance interface and check the Status > Basics page.

Create and apply self-signed SSL certificates to your Bomgar Appliance to ensure the security of your support sites.

Download the Transcript (.pdf)

Transcript: Self-Signed Certificates, Base 3.3.2 and Later

Introduction

Applying a self-signed SSL certificate to your Bomgar site assures your customers that you guarantee the security of your site. Manage your certificates from the Security page of the /appliance interface.

Configuration

Start by clicking the Create button in the Certificate Installation section. Enter a Certificate Friendly Name to identify your certificate request. Select New Key, with a size of either 2048 bits or 4096 bits.

Enter your two-character country code. Your country code can be found by going to iso.org. Enter your state or province if applicable and then your city or locality. Supply your organization name and organizational unit. For your common name, enter your site's fully qualified domain name.

Finally, enter one or more subject alternative names (SAN). A SAN lets you protect multiple hostnames with a single SSL certificate. These can be in the form of DNS addresses or IP addresses. A DNS address could be a fully qualified domain name, such as support.example.com, or it could be a wildcard domain name, such as *.example.com. A wildcard domain name covers multiple subdomains, such as support.example.com, remote.example.com, and so forth. Be sure to define at least one SAN that matches your Bomgar support site name. If you are going to be using multiple hostnames for your site, be sure to define each of those hostnames as additional SANs.

Once you have finished with your configuration, click Create Self-Signed Certificate. Your self-signed certificate should now appear in the Certificates table.

Assign IP

It is important to remember that your new certificate will not secure any hostnames until you assign it to one or more IP addresses. To apply your certificate to an IP address, click the certificate name. At the bottom of the page, select the IP addresses to which this certificate should apply. Then click Save Configuration.

This certificate will now serve as the SSL certificate for the IP addresses you selected. Note that the default certificate cannot be edited or removed.