Summary:
Out of the box while opening the Xsuite Web-UI various warnings are issued by the browser and the Java-Runtime environment.
This document is describing the steps how to create a new self signed certificate in the Xsuite and insert this certificate into the browser and JRE trusted key store.
Instructions:
- in Xsuite GUI open Config / Security / Create Certificate
- enter CN und Alternative Subject Names = FQDN, hostname und IP of Xsuite e.g.
xsuite.mulan04dom.ca.com
192.168.1.21
xsuite
xsuite.mulan04dom.ca.com (<- make sure there is no CR at the end !!)

click Create
- Download Certificate
(select the newly created default Cert )

- Set Certificate
(select the newly created default Cert )

-> reboot
- Sign Xsuite Applets
(await success message !!!)


- Browser Certificate Manager / Servers / Import
(select the previously downloaded Cert file)

"Edit Trust" -> Trust.this certificate..

- Control Panel / Java / Certificates / Secure Sites / User
(select the previously downloaded Cert file)

- Fully clear the Browser and Java Cache and verify all is working as expected upon relaunching the Xsuite GUI
Repeat the above steps for each cluster node you might have.
Additional Information:
Please see also the CA PAM Implementation Guide for additional details