Portal Certificate Setup

This guide explains how to configure your workstation to trust the portal's SSL certificate, enabling secure browser access without security warnings.

When Is This Needed?

This setup is only required if your deployment uses self-signed certificates.

Deployments using certificates signed by a trusted Certificate Authority (CA)—such as those from Let's Encrypt, DigiCert, or your organization's internal CA—work automatically without additional configuration. Your browser already trusts these certificates.

Self-signed certificates are commonly used in:

  • Development and testing environments
  • Air-gapped or isolated networks
  • Initial deployment before production certificates are provisioned

When accessing a portal secured with a self-signed certificate, browsers display security warnings or blank screens because they cannot verify the certificate's authenticity. Installing the certificate in your system's trust store resolves this.

Prerequisites

Obtain the self-signed certificate file (typically a .crt or .pem file) generated during installation. Your cluster administrator can provide this file or direct you to its location.

Windows

  1. Copy the certificate file to your local machine.
  2. Right-click the certificate file and select Install Certificate.
  3. Select Local Machine and click Next. (If prompted by User Account Control, click Yes.)
  4. Select Place all certificates in the following store, then click Browse.
  5. Choose Trusted Root Certification Authorities and click OK.
  6. Click Next, then Finish to complete the installation.
  7. Restart your browser to apply the changes.

macOS

  1. Copy the certificate file to your local machine.
  2. Double-click the certificate file to open it in Keychain Access.
  3. When prompted, add the certificate to the System keychain (or login keychain for single-user access).
  4. Locate the certificate in Keychain Access (it may appear under Certificates with a red "X" indicating it's not trusted).
  5. Double-click the certificate to open its details.
  6. Expand the Trust section.
  7. Set When using this certificate to Always Trust.
  8. Close the window and enter your password when prompted to confirm the change.
  9. Restart your browser to apply the changes.

Linux

The process varies by distribution. Below are instructions for common distributions.

Debian / Ubuntu:

  1. Copy the certificate to the trusted certificates directory:
    sudo cp your-certificate.crt /usr/local/share/ca-certificates/
  2. Update the certificate store:
    sudo update-ca-certificates

RHEL / CentOS / Fedora:

  1. Copy the certificate to the anchors directory:
    sudo cp your-certificate.crt /etc/pki/ca-trust/source/anchors/
  2. Update the certificate store:
    sudo update-ca-trust

Note: Some browsers on Linux (such as Firefox) maintain their own certificate store. You may need to import the certificate directly into the browser's settings under Privacy & Security > Certificates.

Verification

After installing the certificate:

  1. Open a new browser window (or use a private/incognito window to avoid cache issues).
  2. Navigate to your portal URL (e.g., https://admin-portal.yourcompany.com).
  3. Confirm the page loads without security warnings. The browser's address bar should show a valid certificate indicator.

If you still see warnings, verify that you installed the correct certificate and that your browser has been restarted.

Was this article helpful?