Skip navigation

Log in to create and rate content, and to follow, bookmark, and share content with other members.

000034485 - RSA Security Analytics: How to start SAW node Web Server using a certificate generated by an external CA

Document created by RSA Customer Support

on Jan 2, 2017•Last modified by RSA Customer Support

on Apr 21, 2017

Version 2Show Document

Like • Show 0 Likes0
Comment • 0
View in full screen mode

Article Content

Article Number	000034485
Applies To	RSA Product Set: RSA Security Analytics RSA Product/Service Type: Warehouse Platform: Centos O/S Version: EL6
Issue	Using an external certificate to start web server on SAW Node.
Tasks	Assuming a certificate has been issued by an external CA for the SAW node web server and the below files have been collected: ca.pem : The PEM format CA Certificate Chain mycert.pem : The PEM format HTTPS Server Certificate mykey.pem : The PEM format Private Key for the HTTPS Server
Resolution	SSH to the SAW Node and follow the below steps: Step 1: Create the Certificate Chain cat mycert.pem ca.pem > mycertchain.pem Step 2: Create a PKCS12 Keystore using chain and private key openssl pkcs12 -export -in mycertchain.pem -inkey mykey.pem -out saw.p12 -name saw -CAfile ca.pem -caname sawca Step 3: Merge the Keystore so that the Certificate and Key is imported into SSL Keystore keytool -importkeystore -srckeystore saw.p12 -destkeystore /opt/mapr/conf/ssl_keystore -srcstoretype PKCS12 -deststoretype JKS Step 4: Restart Web Server /opt/mapr/adminuiapp/webserver stop /opt/mapr/adminuiapp/webserver start Step 5: Check with Open SSL openssl s_client -connect localhost:8443

Attachments

Outcomes

0 Comments

Recommended Content