SSL Certificate
When you install Palette VerteX, a self-signed certificate is generated and used by default. You can upload your own SSL certificate to replace the default certificate.
Palette VerteX uses SSL certificates to secure external communication. The internal components communication is by default secured and use HTTPS. External communication with Palette VerteX, such as the system console, gRPC endpoint, and API endpoint, requires you to upload an SSL certificate to enable HTTPS.
Enabling HTTPS is a non-disruptive operation. You can enable HTTPS at any time without affecting the system's functionality.
Prerequisites
-
Access to the Palette VerteX system console.
-
You need to have an x509 certificate and a key file in PEM format. The certificate file must contain the full certificate chain. Reach out to your network administrator or security team if you do not have these files.
-
Ensure the certificate is created for the custom domain name you specified for your Palette VerteX installation. If you did not specify a custom domain name, the certificate must be created for the Palette VerteX system console's IP address. You can also specify a load balancer's IP address if you are using a load balancer to access Palette VerteX.
Enablement
You can upload an SSL certificate in Palette VerteX by using the following steps.
-
Log in to the Palette VerteX system console.
-
Navigate to the left Main Menu and select Administration.
-
Select the tab titled Certificates.
-
Copy and paste the certificate into the Certificate field.
-
Copy and paste the certificate key into the Key field.
-
Copy and paste the certificate authority into the Certificate authority field.
-
Save your changes.
If the certificate is invalid, you will receive an error message. Once the certificate is uploaded successfully, Palette VerteX will refresh its listening ports and start using the new certificate.
Validate
You can validate that your certificate is uploaded correctly by using the following steps.
-
Log out of the Palette VerteX system console. If you are already logged in, log out and close your browser session. Browsers cache connections and may not use the newly enabled HTTPS connection. Closing your existing browser session avoids issues related to your browser caching an HTTP connection.
-
Log back into the Palette VerteX system console. Ensure the connection is secure by checking the URL. The URL should start with
https://
.
Palette VerteX is now using your uploaded certificate to create a secure HTTPS connection with external clients. Users can now securely access the system console, gRPC endpoint, and API endpoint.