Sec/User Mgmt: Step 3. Import Server Certificate and Trusted CA Certificate

Document created by RSA Information Design and Development on Nov 23, 2016Last modified by RSA Information Design and Development on Apr 26, 2017
Version 5Show Document
  • View in full screen mode
  

By default Security Analytics server uses a web server certificate generated by Security Analytics for HTTPS connection. Security Analytics also allows you to configure custom web server certificate to be used as Security Analytics server certificate . You can configure custom web server certificate even if PKI is not enabled.

Supported Certificate Formats

The following certificate formats are supported. You must select the format that meets your requirement:

  • For server certificate with its private key:
    • pkcs12 or .p12 
    • jks
    • pfx   

Note: The .pfx, .p12, .jks are containers that can contain one or more private keys and its chains or certificates.

Prerequisites

Make sure that the trusted CAs certificate is available in the Administration > Security > PKI Settings > Trusted CAs section. If the CAs certificate is not available, you must import the trusted CAs certificate. Perform the following:

  1. In the Security Analytics menu, select Administration > Security.
    The Security view is displayed with the Users tab open.
  2. Click the PKI Settings tab.
  3. In the Trusted CAs section, click .
    The Import Certificate Authority dialog is displayed.
  4. In the CA Store File field, click Browse and select the certificate or certificate store.
  5. In the Password field, enter the password of the certificate or certificate store.

Note:

The password is applicable only for .pkcs12 or .p12, .pfx, and .jks certificate store formats.

 
  1. Click Save.
    The CA certificate is successfully added to the Security Analytics Trusted CAs store.

Procedures

Import SA Server Certificate with its Private Key

To import SA server certificate with its private key

  1. In the Security Analytics menu, select  Administration > Security.
    The Security view is displayed with the Users tab open.
  2. Click the PKI Settings tab.
  3. In the Server Certificates section, click .
    The Import Server Certificates dialog is displayed.

  4. In the Keystore/Certificate File field, click Browse and select the certificate store.
  5. In the Password field, enter the password of the certificate store.
  6. (Optional) If Public Key Infrastructure (PKI) is enabled and you want to import an issuer certificate as the Trusted CAs, select the Import CAs checkbox.
  7. Click Save.
    The Security Analytics server certificate with its private key is successfully added to Security Analytics.

Note: You can import multiple server certificates with its private keys.

Note: The Import Server Certificates dialog may not close on some browsers, however, the import will be     successfully. To view the imported certificate, refresh the page.

  1. To specify a default server certificate, select a certificate and click Use as Server Certificate.
    The selected server certificate is highlighted in red.
  2. Restart Security Analytics server for changes to take effect.

You are here
Table of Contents > Set Up System Security > Step 5. (Optional) Use Custom Server Certificate

Attachments

    Outcomes