Needs help installing new SSL certificate for self-service servers
I'm looking for assistance with installing a new SSL certificate on the Self Service servers. Ours expires soon and we've purchased the new one but nobody here knows how to do the installation since the people who initially set up the system have moved on from our organization.
- Auth Manager
- Authentication Manager
- Community Thread
- Forum Thread
- RSA Authentication Manager
- RSA SecurID
- RSA SecurID Access
- ssl certificate
If you look at the instructions Mohamed linked to, there's basically two ways to import:
1. PKCS#7 which means you generated the CSR in the AM Operations Console, so no Password is needed because when you generated the CSR, you generated the Key Pair and kept the private key local in the AM console certificate key store
2. PKCS#12 which means you or someone used a 3rd party tool to generate the CSR as well as the private/public key pair, so PKCS#12 files need a password, it is protecting the private key inside
A somewhat common problem with PKCS#12 is the import fails and it says the password is incorrect. If this happens, especially if you are sure you entered the correct password, look in the Linux log file called
/opt/rsa/am/server/logs/console.log for a more detailed explanation. Or open a Support case.
"A somewhat common problem with PKCS#12 is the import fails and it says the password is incorrect. "
So that's exactly what happened with us. My server architect even redid it with a new password and we still got the incorrect password error. I'll have to look into how to find that log file.
The log file console.log is included when you download Troubleshooting logs from the Operations console,
or if you have SSH enabled
or console access to the AM appliance Linux,
you can find most log files including console.log in /opt/rsa/am/server/logs/
Thanks for the help, everyone. We ended up generating a CSR and got the new cert this morning and I just activated it successfully. Now we have some notes so we remember how to do this next year!