Google Search Appliance Managing Search for Controlled-Access Content User Manual
Page 12
Google Search Appliance: Managing Search for Controlled-Access Content
12
By default, the search appliance uses its own store of preloaded certificate authorities. These default
certificate authorities are used by most browsers. By using these default certificate authorities, the
search appliance trusts the same servers that browsers trust. As a search appliance administrator, you
have the following options:
•
Using the default certificate authorities without uploading any of your own certificate authorities
•
Using only your uploaded certificate authorities without using the default ones
•
Using both the default and uploaded certificate authorities
By using the options in the Default Certificate Authorities area of the Administration > Certificate
Authorities page, you can disable or re-enable default certificate authorities. For information about
using certificate authorities, click Help Center > Administration > Certificate Authorities.
This section provides a general overview of how to install a digital certificate for use by the search
appliance. For more detailed instructions, including an explanation of how to request a digital certificate
from a certification authority and decrypt an encrypted private key, click Help Center > Administration
> SSL Settings in the Admin Console.
Note: The SSL Settings page can only install non-encrypted RSA keys in .pem (privacy enhanced mail)
format. If the private key is encrypted or in PKCS#12 format (see
),
refer to the instructions in the Help Center.
To configure the search appliance to enable crawl and serve over HTTPS:
1.
Log in to the Admin Console.
2.
Choose Administration > SSL Settings.
3.
On the SSL Settings page, scroll down to Install an SSL Certificate.
•
Under SSL Certificate, enter the file name of the certificate or click the Browse button to locate
it. If you are using an intermediate certificate, enter the name of the file that includes both the
intermediate certificate and the host certificate.
•
Under SSL Private Key, enter the file name of the unencrypted private key or click the Browse
button to locate it. If the SSL Certificate contains an intermediate certificate, use the private key
that corresponds to the host certificate.
4.
Click the View Certificate Information button.
5.
Installing the certificate will restart the Admin Console and the front end. If you are ready to install,
click the Install SSL Certificate button.
When the page refreshes, the following message appears at the top:
SSL certificate installed. The appliance console needs to be restarted, please
log in again.
6.
On the Admin Console login page, click Log in, and log in using the admin username and
password.
7.
Choose Administration > SSL Settings. Your new certificate information is listed under Current
SSL Certificate Information.