Document URL: 

a) https://access.redhat.com/articles/449033
b) https://access.redhat.com/documentation/en-us/red_hat_cloudforms/4.6/html/appliance_hardening_guide/server-security#enabling_the_appliance_to_use_your_certificate

Section Number and Name: 

a) reference the document only
b) 3.2.3. Enabling Your Certificate

Describe the issue: 

Two methods are described for configuring your certificates. The method in the documentation asks you to replace the files in the target directory pointed to by the configuration files. 
/var/www/miq/vmdb/certs/server.cer 
/var/www/miq/vmdb/certs/server.cer.key

The other asks you to update the /etc/httpd/conf.d file:

Edit the following lines in the Apache SSL configuration file to point to the new certificate and key file. For CloudForms Management Engine 5.2 and above, the file is /etc/httpd/conf.d/cfme-https-application.conf. For earlier versions of ManageIQ EVM and CloudForms Management Engine 5.1, the file is /etc/httpd/conf.d/ssl.conf:

Raw
SSLCertificateFile /var/www/miq/vmdb/certs/servername.crt
SSLCertificateKeyFile /var/www/miq/vmdb/certs/servername.key


Suggestions for improvement: 

in case a) for CFME 5.8 the file 
/etc/httpd/conf.d/cfme-https-application.conf
is now called
/etc/httpd/conf.d/manageiq-https-application.conf


in case b) for CFME 5.8 the documentation does not mention that the files are replaced.

/var/www/miq/vmdb/certs/server.cer -> /var/www/miq/vmdb/certs/server.cer.rpmsave
/var/www/miq/vmdb/certs/server.cer.key -> /var/www/miq/vmdb/certs/server.cer.key.rpmsave

In any event, chrome will not load the web UI due to the error
Firefox will ask you to accept the certificate again.

Additional information: 

I have not checked 5.9, but it should be checked as well..

PA