Tableau Server Linux | SSL Self Signed Certificate Install

Alex Eskinasy
Nov 27, 2020 · 4 min read

This is an easy guide on how to install a self-signed certificate on Tableau Server that requires just 1 config file and 2 commands. It can also be applied to Windows machines (just make sure to add the OpenSSL directory to your PATH variable).

I will also show you how to install that certificate on a client computer (MacOS and Windows), to make it to trust the certificate while browsing Tableau’s GUI.

Self signed SSL certificates should only be used for testing or development purposes.

So, why bother? Well, there are a number good reasons why you might need to quickly generate and test SSL certificates (topic for a non-lockdown beer?), but it also gets rid of that annoying “Your Connection is Not Private” message, so it does feels good :P

Image for post
Image for post

Any external-facing Tableau Server must run over an encrypted SSL channel (ideally behind a Reverse Proxy / Load Balancer), but another time when you might want to install a quick self-signed cert is when building an app with Tableau embedded, otherwise you’ll get into an infinite SSO sign-in loop, more info here.

1. Generate a self-signed certificate

1.1 Create an OpenSSL configuration file (example req.conf).

Change CN and IP.1 to your Tableau Server’s IP Address (example 127.0.0.1)

Note: If you are accessing Tableau over a proper domain, say www.company.com (you may also add multiple domain aliases), change these parts on the config file:

1.2 Create the self-signed certificate
The next command will generate the following two files:

  • cert.key — a certificate private key file (You will use this to self-sign the certificate)
  • cert.crt — The actual self signed certificate

You can also specify the certificate validity (e.g. 365 days). We used the OpenSSL config file (req.conf) to specify all other parameters of our certificate.

2. Configure SSL for External HTTP Traffic to and from Tableau Server

Finally, let’s configure Tableau Server to use SSL for inbound and outbound traffic by importing the two files generated in the previous step (private key and certificate). This step may also be executed from the TSM GUI, more info here.

3. Optionally add the certificate to your client Windows or Mac OS Trusted store

In order for browsers to show a valid and trusted certificate, it’s necessary to import the certificate manually on all client computers (of course, we will only do this on test machines, as in production we would never use a self-signed certificate)

3.1 MacOS

  • Transfer the certificate (e.g. cert.crt) to your Mac
  • Double-click on it to automatically start the import wizard from the Keychain Access tool .
  • Add it to the System keychain
Image for post
Image for post
  • Find for the newly added certificate and change it to “Always Trust”
Image for post
Image for post
  • Now you can browse Tableau Server over HTTPS without any issues :D

3.2 Windows

  • Transfer the certificate (e.g. cert.crt) to your Windows computer
  • Double-click on it to automatically start the import wizard from the Certificate Import Wizard, then click “Install Certificate”
Image for post
Image for post
  • Choose “Local Machine”
Image for post
Image for post
  • Place the certificate into the “Trusted Root Certification Authority”
Image for post
Image for post
Image for post
Image for post
Image for post
Image for post

4. Browse to Tableau Server with HTTPS and a valid Certificate :D

Because our Computer now “Trusts” this certificate, browsers will also trust and show that the certificate is valid and we’re good to go!

Image for post
Image for post
Image for post
Image for post

The Startup

Medium's largest active publication, followed by +752K people. Follow to join our community.

Medium is an open platform where 170 million readers come to find insightful and dynamic thinking. Here, expert and undiscovered voices alike dive into the heart of any topic and bring new ideas to the surface. Learn more

Follow the writers, publications, and topics that matter to you, and you’ll see them on your homepage and in your inbox. Explore

If you have a story to tell, knowledge to share, or a perspective to offer — welcome home. It’s easy and free to post your thinking on any topic. Write on Medium

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store