Objective

Prerequisites 

• ADSelfService Plus must be installed and accessible (default port: 9251).
• Have administrative privileges in ADSelfService Plus.
• Have a valid, password-protected .pfx file containing the public SSL certificate; a private key; and the certificate chain from a trusted certificate authority (CA).

Steps to apply a .pfx certificate 

1. Log in to ADSelfService Plus as an administrator.
2. Navigate to Admin > Product Settings > Connection > Connection Settings.
3. Click Apply SSL Certificate.
4. Select the Apply Certificate option.
5. In the Upload Certificate File field, click Browse and select your .pfx file from your system.
6. Enter the password associated with the .pfx file in the Certificate Password field.
7. Click Apply.
8. Restart the ADSelfService Plus service manually via services.msc for the changes to take effect.

Validation and confirmation 

1. Access the ADSelfService Plus portal via its configured HTTPS port.

 https://<hostname>:9251 

2. Click the padlock icon in the browser's address bar.
3. Inspect the certificate details and verify the following:

• Common Name (CN) or Subject Alternative Name (SAN) matches your server hostname.
• Certificate Issuer is the name of your CA.
• The validity period is current and not expired.
• The certificate chain is complete and the certificate is shown as trusted by your browser.

Tips 

• Use a trusted CA: Always use SSL certificates issued by a trusted CA to avoid browser trust warnings.

• Backup your existing certificate: Always create a backup of your current certificate (if any) and its configuration before importing a new one. This ensures you can revert to the previous state if any issues arise.

• Ensure the Access URL of ADSelfService Plus is set to HTTPS after binding the certificate.

How to reach support