Appendix C. Getting Started With SSL Certificates; Working With OpenSSL; Installing OpenSSL; Configuring OpenSSL - IBM TS4300 User Manual

IBM Confidential

Appendix C. Getting started with SSL certificates

This topic provides a beginner-level description of the process for obtaining SSL certificates so you can
implement secure communications (HTTPS) on your tape library.
To summarize the process, you will:
1. Install OpenSSL, if it's not already installed.
2. Generate a private key. A private key is used to create a digital signature for the library web server. This
file should be kept secure, as anyone with access to it may be able to gain access to the web server.
3. Generate a certificate. The certificate includes a public key that works together with your private key.
Depending on your security requirements, you can generate either:
• A certificate signing request (CSR), which is a certificate in a format that can be sent to a CA
(certificate authority) for signing.
• A self-signed certificate.
4. Create a certificate package.
5. Upload the certificate package to the tape library.
Examples of the most common OpenSSL command options are provided here. Refer to the OpenSSL
command help for additional options.
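
The following sketch covers steps 2 and 3 of the summary and adds a check that a CSR or certificate really belongs to a given private key. It is an added example, not taken from the IBM manual; the file names and the subject `/CN=library.example.test` are constructed placeholders, and packaging and upload (steps 4 and 5) are not shown.

```shell
#!/bin/sh
# Added example (not from the IBM manual). File names and the subject
# "/CN=library.example.test" are constructed placeholders.

# Step 2: generate a 2048-bit RSA private key readable only by its owner.
make_key() {  # make_key KEYFILE
    ( umask 077 && openssl genpkey -algorithm RSA \
        -pkeyopt rsa_keygen_bits:2048 -out "$1" )
}

# Step 3, option 1: CSR to send to a CA for signing.
make_csr() {  # make_csr KEYFILE CSRFILE SUBJECT
    openssl req -new -sha256 -key "$1" -subj "$3" -out "$2"
}

# Step 3, option 2: self-signed certificate, valid for 365 days.
make_selfsigned() {  # make_selfsigned KEYFILE CERTFILE SUBJECT
    openssl req -new -x509 -sha256 -days 365 -key "$1" -subj "$3" -out "$2"
}

# SHA-256 of the DER-encoded public key held in a key, CSR or certificate.
pubkey_digest() {  # pubkey_digest key|csr|cert FILE
    case $1 in
        key)  pem=$(openssl pkey -in "$2" -pubout) ;;
        csr)  pem=$(openssl req  -in "$2" -noout -pubkey) ;;
        cert) pem=$(openssl x509 -in "$2" -noout -pubkey) ;;
        *)    return 2 ;;
    esac || return 1
    printf '%s\n' "$pem" | openssl pkey -pubin -outform DER |
        openssl dgst -sha256 -r | cut -d' ' -f1
}

# Succeeds only if FILE carries the public half of KEYFILE.
matches_key() {  # matches_key KEYFILE csr|cert FILE
    want=$(pubkey_digest key "$1") && [ -n "$want" ] &&
        [ "$want" = "$(pubkey_digest "$2" "$3")" ]
}

# Usage:
#   make_key library.key
#   make_selfsigned library.key library.crt "/CN=library.example.test"
#   matches_key library.key cert library.crt && echo "certificate matches key"
```

Running `matches_key` on a certificate returned by a CA before building the package catches the common mistake of pairing it with a key from a different CSR.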

Working with OpenSSL

OpenSSL is an open-source software library that is widely used to generate and manage certificates.
OpenSSL is recommended to ensure compatibility with development and support.

Installing OpenSSL

The installation procedure depends on your operating system:
• Windows users – There are several versions of OpenSSL for Windows. One such product is Win32
OpenSSL. Additional options can be found in the OpenSSL Binaries wiki. When installing, accept the
default installation settings.
• Linux users – Refer to the OpenSSL Downloads page for the latest version.

Configuring OpenSSL

OpenSSL requires a master configuration file (openssl.cnf) to generate a certificate. If this file is not
included in your installation, you will receive an error message that mentions openssl.cnf. Follow these
steps to add the file:
1. Obtain a configuration file. If you don't have one locally, MIT (Massachusetts Institute of Technology)
provides a generic configuration file that you can use. You don't need to make any changes to the file
at this time. After you become more familiar with OpenSSL, you may want to customize some of the
settings.
2. Save the file to your computer in the following directory:
• Windows: C:\Program Files (x86)\Common Files\SSL\
• Linux: /etc/pki/tls/
© Copyright IBM Corp. 2017, 2023
