Administration Console: Secrets
The Secrets tab provides tools to manage the certificates, passwords, and remote access settings for your i2 Explore for iBase deployment.
Remote Access
By default, the i2 Explore Administration Console is accessible only on the machine where AdminConsole.exe is running. The Remote Access panel on the Secrets tab displays a checklist of the requirements that must be met before remote access can be enabled:
A signed certificate and private key are available (indicated by a green tick or a red cross).
The Administration Console password is set (indicated by a green tick or a red cross).
When both requirements are met, the panel confirms that remote access is ready to be enabled. You must stop and restart AdminConsole.exe for the change to take effect. After restarting, the panel displays the message "Remote access is enabled". The address to use for remote access is displayed in the console output of AdminConsole.exe. Remote users log in with the username admin and the Administration Console password.
For the full procedure to enable remote access, see Enabling Remote Access for the Administration Console in Deploying and Upgrading Using the i2 Explore Administration Console.
Certificates
The Certificates panel displays the status of the three certificate files required to secure the i2 Explore service:
CA trust certificate — The certificate used to verify the identity of the i2 Explore server. Accepted formats: .cer, .crt, .pem.
Server certificate — The certificate used to secure the connection to the i2 Explore and Administration Console services. Accepted formats: .cer, .crt, .pem.
Private key — The private key used to secure the connection to the i2 Explore and Administration Console services. Accepted formats: .key, .pem.
Each certificate entry shows a green tick if the file is present, and an Upload button to provide your own certificate file. When all three files have been uploaded, the Administration Console automatically generates the derived secrets required by the services.
You can also click Generate Certificates to generate certificates. Generated certificates are not recommended for production environments. You can replace a generated certificate with a provided certificate at any time by uploading a new file.
Run Deploy for the changes to take effect. For more information, see Administration Console: Deployment.
Note: All services must be stopped before you can generate or upload certificates. If any service is running, these operations are blocked and an error message is displayed.
For detailed information about the certificate files and their expected locations, see Configuring TLS Connection to iBase.
Passwords
The Secrets tab displays the following passwords:
Admin Console Password — The password for the admin user account used to access the Administration Console remotely.
EntraID Client Secret — The client secret for EntraID authentication. This secret is required only when the authentication mode is set to Entra ID. For more information, see Configuring Entra ID for i2 Explore for iBase.
LDAP Password — The password for the LDAP bind user. This secret is required only when the authentication mode is set to Active Directory. For more information, see Configuring Active Directory for i2 Explore for iBase.
Each password is displayed with a masked value. You can click the reveal button to view the current value, and click Edit to change it. When you edit a password, a dialog is displayed where you can enter the new value.
Note: All services must be stopped before you can edit passwords. If any service is running, the edit is blocked and an error message is displayed.