Installing trusted SSL certificates for PRTG
The PRTG Certificate Importer eases the installation of a trusted certificate on your PRTG server to avoid
the browser SSL certificate warning when you access the PRTG web interface.
PRTG already comes with a default SSL certificate for its web server. With this standard certificate, all traffic between your web browser and your web server is encrypted and you can securely access and use the PRTG web interface via HTTPS. However, this certificate does not match the DNS name or IP address of your PRTG server, so your browser will always show an SSL Certificate Warning when you connect to PRTG.
To avoid this warning, you can use a trusted certificate. If you have a certificate authority (CA) in your network, you can create your own trusted certificate that matches the internal IP address of your PRTG server. If you access PRTG from external IP addresses or DNS names you can request a trusted certificate from issuers like GoDaddy, DigiCert, or InstantSSL, and import it into your
Unfortunately, the manual import of an issued SSL certificate into a PRTG installation is sometimes a bit tricky and uncomfortable. PRTG needs various certificate files named correctly with data in the expected encoding and format. It is not always easy to understand which certificate files have to be provided in which format.
So, to ease the installation of a trusted certificate, we provide the free PRTG Certificate Importer. It combines and converts all files issued by a certificate authority (CA) automatically for the use with PRTG and saves the certificate files into the correct path on your PRTG server. This makes importing a trusted SSL certificate rather comfortable!
And, of course, we would love to hear your feedback about the free PRTG Certificate Importer.
To get a trusted connection and avoid the browser warning when you access your PRTG web interface without complicated setup steps, you just need to request a certificate from a valid CA and the PRTG Certificate Importer:
- Obtain a certificate that is valid to your domain name (or IP address) and signed by a valid certificate authority. Request and download the respective CA bundle into a directory on your PRTG server.
- Download and extract the PRTG Certificate Importer on your PRTG server. See below for the download link.
i You can import certificate files with one of the following formats: .cer, .crt, .der, .p12, .p7b, .pem, .pfx, or .txt (via clipboard). The PRTG Certificate Importer does not support .csr (certificate signing requests) files!
How to Use: 3 Steps to Trusted Connections
We designed the PRTG Certificate Importer to make it as easy as possible for you to install trusted SSL certificates
on your PRTG web server. In the best case, you just provide the path to your downloaded CA bundle and let our
tool do the rest.
Execute PRTGCertImporter.exe to start the PRTG Certificate Importer and choose the source of your certificate:
- Windows Certificate Store if your certificate was previously imported there.
- Provide a directory if you stored the CA bundle in a local directory.
- Paste from clipboard is the quickest way to import a certificate that you have already opened in a text editor.
Click "Next Step" to import the certificate. The PRTG Certificate Importer checks if the provided certificate is valid. If this validation fails, you will see a corresponding error message with the reason. The certificate importer goes on with Step 2 if the private key for the certificate is secured with a password. Otherwise, the importer skips step 2 and jumps directly to step 3.
If the private key is separated from your certificate, the PRTG Certificate Importer asks you to provide the private key that comes along with your certificate files. You can either provide a file that contains your key (can be .key or .txt), or copy and paste it directly. Click "Next Step".
If your private key is passphrase protected, you will be asked to enter the passphrase for your key into the appearing dialog box. Click "OK" to go on.
The PRTG Certification Importer checks if your certificate and the private key are a valid pair and tests the certificate with an SSL connection. If the verification of the certificate is successful, you can choose the target directory for the certificate.
To work with PRTG, the certificate must be stored in the \cert subfolder of your PRTG installation directory.
The PRTG Certificate Importer will automatically move the existing files from the \cert folder into a new subdirectory. If anything goes wrong, you can still revert to your old certificates this way.
Click "Finish" to restart the PRTG core server with your new trusted certificate.
When you connect to the PRTG web interface, now your browser will not show the
SSL certificate warning anymore.
i This Freeware program is provided free for Paessler customers to install trusted SSL certificates on PRTG web servers. Please understand that we can provide only limited support for this tool.
V1.0.0 (March 25th 2015): Initial stable release
V0.9.15 (February 24th 2015): Initial beta release