Manage SSL Certificates

When you interact with the Agent Factory application, the web page uses self-signed SSL certificates by default. Some web browsers may trigger an “insecure connection” warning, but this does not affect the application’s functionality.

You can generate your own self-signed SSL certificates or import your certificates issued by a trusted certificate authority (CA) to remove the warning entirely.

Note: Adding your own SSL certificates won’t remove the warning unless the certificate is issued by a CA that the browser trusts, and the hostname matches the certificate.

Generate Your Own SSL Certificates

To generate your own self-signed SSL certificates, use one of the following commands from your staging location.

  1. Generate certificates for both a hostname and IP address:

    make certificates FQDN=<yourhostfqdn.example.com> IP_ADDRESS=<your.ip.address>

  2. Generate certificates for an IP address only:

    make certificates IP_ADDRESS=<your.ip.address>

  3. Generate certificates for a hostname only:

    make certificates FQDN=<yourhostfqdn.example.com>

The generated certificates replace the default self-signed certificates used by the application.

Import Your Own Certificates

To remove the browser warning, use your preferred method and certificate authority to generate certificates issued by a trusted CA. Many certificate authorities require that the VM hosting the application has a public DNS name.

You need a certificate file and a key file.

  1. Go to your staging location.

    cd </path/to/your/staging/location>

  2. Import your certificates.

    make install-certificates CERT_FILE=/path/fullchain.pem KEY_FILE=/path/key.pem

After completing these steps, the next time you access the application, the browser will show the new certificate information. If the certificate was issued by a trusted CA, the browser warning should no longer appear.

Note: SSL/TLS certificate selection, procurement, installation, renewal, and trust configuration are handled by the user or the organization operating the deployment. Agent Factory does not validate or manage third-party certificates; it only provides a mechanism to import and use certificates you supply.