.. _Accessing the Admin Panel via SSL:

Accessing the Admin Panel via SSL
---------------------------------

When configuring various |product_name| features, you may need to enter sensitive information like credentials for user and e-mail accounts, S3 services, and such. The system uses a pre-generated self-signed certificate by default, and you may want to upload one issued by a trusted CA instead.

Note the following before you proceed:

#. If you want to upload an SSL certificate before creating the HA cluster, you will need one issued for admin panel's current IP address. If you later create the HA cluster, the admin panel will move to the chosen virtual IP address, and you will need another SSL certificate issued for that address.

#. When you create or destroy the HA cluster, the current certificate is overwritten by a self-signed one generated by the system. You will need to re-upload your certificate and key from a trusted CA after completing either operation.

#. .. include:: /includes/creating-ssl-cert-chains.inc

To upload an SSL certificate, do the following:

#. On the **SETTINGS** > **Management node** > **SSL ACCESS** tab, click **Upload**.

#. Upload an SSL certificate issued for admin panel's current IP address.

#. Upload the private key. This option shows after uploading a valid certificate.

#. Click **SAVE**.

The uploaded certificate will be added to the configuration of the web server that hosts the admin panel and you will be able to access it over HTTPS.

You can also generate a new self-signed certificate instead of the one used by default. However, it will not be trusted and you will have to manually accept it in your browser.