Generating and installing a signed SSL certificate

Ops Center Administrator Getting Started Guide

Version
10.9.x
File Size
782 KB
Audience
anonymous
Part Number
MK-99ADM000-17

By default, the server uses a self-signed certificate. SSL certificates verify the user's identity and enhance security on the server. You can get a digitally signed SSL certificate from a trusted certificate authority (CA) by sending a certificate signing request (CSR). After you obtain the signed certificate, you import it to the server.

The following is a sample procedure for generating and installing a signed SSL certificate. The process of obtaining a certificate may be different within each organization.

  1. Open the virtual machine console and log in using root user or normal user credentials. If you log in as a normal user, use the sudo command to complete the following procedure as the root user.
  2. Note the hostname of the VM (#hostname).
  3. Run the openssl command and provide the Authentication sha256, depending upon the required security. Give the Fully Qualified Domain Name for host name.
    # openssl req -nodes -newkey rsa:2048 -sha256 -keyout server.key -out server.csr
    The system returns the message: Generating a 2048 bit RSA private key
  4. Provide the information as prompted. For some fields there is a default value. Enter period ".", to leave a field blank.
    • Country Name (two-letter code)
    • State or Province Name (two-letter code)
    • Locality name (City)
    • Organization Name (Company)
    • Organizational Unit Name (Section or department)
    • Common Name (Your name or the server host name)
    • Email Address
  5. When you receive the CSR file, send it to a certificate authority to obtain an SSL certificate.
    If you need help with this step, consult with customer support or an authorized service provider.
  6. Open a browser and enter the virtual appliance manager URL in the address bar.
    For example, https://ip-address/vam
  7. Click Certificate Settings.
  8. Import the certificate into the server.
    1. Open the signed certificate (received from the certificate authority) in a text editor.
    2. Open the private key file (generated in step 2) in a text editor.
    3. Copy the certificate file contents into the CERTIFICATE text box.
      Note: Do not include the delimiters.
    4. Open the private key.
      # cat server.key
    5. Copy the private key file contents into the PRIVATE KEY text box in the virtual appliance manager.
    6. Click Submit.