Search Engine: Elastic

Article ID: 111380, created on Jun 3, 2011, last review on Dec 25, 2015

  • Applies to:
  • Operations Automation
  • Business Automation

Problem Statement

A provider wants to install an SSL certificate on BA for the Windows Control Panel server.


In BA for Windows, the SSL certificate is configured by standard IIS configuration.

Follow these steps to install the SSL certificate:

  • Copy the file containing the SSL certificate to the PBA-E application server.
  • Open the RDP (Remote Desktop) connection to this server.
  • Run Start > Administrative Tools > Internet Information Services (IIS) Manager.
  • Right-click on Default Web Site, or the website the certificate was created for, then select Properties.
  • On the selected website properties dialog, select the Directory Security tab.
  • Click Server Certificate.
  • The IIS Certificate Wizard should start.
  • Select Process the pending request and install the certificate option, and click Next. Follow the wizard steps until finished.

Chain SSL Certificate

If the SSL certificate is issued by Certification Authority, not included in the list of web browser trusted authorities, customers are shown an alarming warning upon time opening the Online Store or BA Control Panel for the first time. The warning states that the SSL certificate is unknown (for their browsers), and asks whether to trust your certificate or not.

However, the SSL certificate is absolutely reliable, and is issued by one of the authorized SSL providers. This SSL provider is just not included in the list of the browser's default trusted authorities. In this case, the undesirable warning can be suppressed by means of chain certificate.

A certificate chain is a sequence of certificates, where each certificate in the chain is signed by the subsequent certificate. The purpose of a certificate chain is to establish a chain of trust from a peer certificate to a trusted Certificate Authority (CA) certificate. The CA vouches for the identity of the peer certificate by signing it.

To configure the chain SSL certificate, import the intermediate certificate using the Microsoft Management Console (MMC).

To ensure the certificate chain works, open the IIS Manager, select needed website properties, go to the Directory Security tab and click View Certificate.

Additional information

For more information, refer to Windows and IIS documentation.

198398b282069eaf2d94a6af87dcb3ff caea8340e2d186a540518d08602aa065 e12cea1d47a3125d335d68e6d4e15e07 5356b422f65bdad1c3e9edca5d74a1ae

Email subscription for changes to this article
Save as PDF