Purpose of Certificates:
Baseline of defense to ensure the Web Server you are accessing is verified
Ensure your browser doesn't complain about the SAN not matching
Certificate Workflow:
Generate a CSR in Application Settings > Security > Certificates
Sign CSR with internal CA or 3rd party Enterprise CA
Upload signed certificate in Application Settings > Security > Certificates
How to Create a CSR:
NOTE: As of OM Enterprise 3.5, custom certificates are not supported
Navigate to Application Settings > Security > Certificates
Click Generate Certificate Signing Request
Fill out all of the fields, making sure to enter the name of the appliance where applicable
Click Generate
Either copy the text or save to file
How to Create a Webserver cert if using MS CA:
Navigate to https://ca-server/certsrv
Click Request a certificate then submit an advanced certificate request
Click Submit a certificate request by using a base-64-encoded CMC or PKCS#10 file, or submit a renewal request by using a base-64-encoded PKCS#7 file
In the base-64-encoded certificate request (CMC or PKCS#10 file or PKCS#7) field, copy and paste the entire content of downloaded CSR.
For Certificate Template select Web Server
Click Submit to issue a certificate.
On the Certificate Issued page, select the option Base 64 encoded and then click the Download Certificate link to download the certificate.