How to configure a server-side SSL certificate using a UI
There are two versions of the tool:
Certificatetool
This is a UI based tool and requires a windowing manager to be installed on the MasterCertificatetoolcli
This is CLI tool and can be run on a ‘windows core installation’ or a non-X11 linux installation
Before you begin
For Protector installations on Windows and Linux, there is a certificate tool which enables you to:
- Create a self-signed certificate
- Create a certificate signing request
- Install existing certificate
- Common Name (CN) - The fully qualified domain name (FQDN) to be secured.
- Organisation (O) - The legal incorporated name of your company.
- Organisational Unit (OU) - The department administering Protector.
- City/Locality (L)
- State/Country/Region (S)
- Country (C)
- Email Address - A point of contact in your Protector administrative team (optional)
Configure server-side SSL certificate using Windows
Windows
Procedure
On the Master node, open the folder <Protector home>\bin
Locate and run the program certificatetool.exe with administrator privileges.
Follow the instructions in the Certificate Tool wizard to:
- Create a self-signed certificate
- or Create a certificate signing request TipThe .csr file to be passed to your CA is created in the folder <installation path>\db\ssl\webui\certificates
The corresponding .key file is created in C:\Program Files\Hitachi\Protector\db\ssl\webui\private
- Install Certificate
Configure server-side SSL certificate using Linux
Linux
Procedure
On the Master node, open the folder <installation path>/bin/
Locate and run the program certificatetool.exe
Follow the instructions in the Certificate Tool wizard to:
- Create a self-signed certificate
- or Create a certificate signing request TipThe .csr file to be passed to your CA is created in the folder
<installation path>/bin/db/ssl/webui/certificates
The corresponding .key file is created in
/opt/
hitachi/protector/bin/db/ssl/webui/private
- Install CertificateNoteThe Certificate tool can be run as either a UI version or CLI text version, thus a windowing manager is no longer required for Linux or Windows installations