Skip to main content

We've Moved!

Product Documentation has moved to docs.hitachivantara.com
Hitachi Vantara Knowledge

How to configure a server-side SSL certificate using a UI

There are two versions of the tool:

  • Certificatetool This is a UI based tool and requires a windowing manager to be installed on the Master
  • Certificatetoolcli This is CLI tool and can be run on a ‘windows core installation’ or a non-X11 linux installation

Before you begin

For Protector installations on Windows and Linux, there is a certificate tool which enables you to:

  • Create a self-signed certificate
  • Create a certificate signing request
  • Install existing certificate
You will need the following Distinguished Names (DN) to create a CSR or self-signed certificate:
  • Common Name (CN) - The fully qualified domain name (FQDN) to be secured.
  • Organisation (O) - The legal incorporated name of your company.
  • Organisational Unit (OU) - The department administering Protector.
  • City/Locality (L)
  • State/Country/Region (S)
  • Country (C)
  • Email Address - A point of contact in your Protector administrative team (optional)

Configure server-side SSL certificate using Windows

Windows

Procedure

  1. On the Master node, open the folder <Protector home>\bin

  2. Locate and run the program certificatetool.exe with administrator privileges.

  3. Follow the instructions in the Certificate Tool wizard to:

    • Create a self-signed certificate
    • or Create a certificate signing request
      TipThe .csr file to be passed to your CA is created in the folder <installation path>\db\ssl\webui\certificates

      The corresponding .key file is created in C:\Program Files\Hitachi\Protector\db\ssl\webui\private

    • Install Certificate

Configure server-side SSL certificate using Linux

Linux

Procedure

  1. On the Master node, open the folder <installation path>/bin/

  2. Locate and run the program certificatetool.exe

  3. Follow the instructions in the Certificate Tool wizard to:

    • Create a self-signed certificate
    • or Create a certificate signing request
      TipThe .csr file to be passed to your CA is created in the folder <installation path>/bin/db/ssl/webui/certificates

      The corresponding .key file is created in /opt/hitachi/protector/bin/db/ssl/webui/private

    • Install Certificate
      NoteThe Certificate tool can be run as either a UI version or CLI text version, thus a windowing manager is no longer required for Linux or Windows installations