62
ACS Advanced Console Server Command Reference Guide
User configured digital certificate
The ACS console server generates its own self-signed SSL certificate for HTTPs using OpenSSL.
It is highly recommended that you use the "openssl" tool to generate a self-signed certificate and
replace the ACS console server's generated certificate.
To generate a self-signed certificate:
1.
Open the /etc/req_key file and update the user data with your organization specific data.
# vi /etc/req_key
[ req ]
default_bits
distinguished_name
prompt
x509_extensions
[ cyclades ]
C
ST
L
O
OU
CN
emailAddress
[ x509v3 ]
subjectKeyIdentifier
authorityKeyIdentifier
basicConstraints
nsComment
nsCertType
2.
Remove the files /etc/ca/*.pem
3.
Execute the following script.
# /bin/firstkssl.sh
4.
Reboot the ACS console server or restart WMI.
= 1024
= cyclades
= no
= x509v3
= US
= CA
= Fremont
= Cyclades Corporation
= R&D
= www.cyclades.com
= support@cyclades.com
= hash
= keyid:always,issuer:always
= CA:true
= "This is just a TEST certificate.
= server, sslCA