Announcement: New Knowledge Base

4 June 2020: We are pleased to announce the launch of a new Knowledge Base, Changelogs for Business Security Products, where you can find more details, such as bugfixes or new features, about the most recent releases of our business-related products.

Policy Manager 12.10 and certificate for https

Hi,

 

Policy Manager 12.10 for Linux adds a secure connection between the server and the managed hosts.  As far as I understand the installation of the FSPMS created a self signed certificate for this connection.

 

Is it possible to use an alternate keystore?  More specifically, can I change somewhere the passwords used for the keystore and the private key?

Best Answer

  • dandeliondandelion Posts: 31
    Accepted Answer

    Hello, 

     

    no, currently changing the keystore, or a password to the keystore or the certificate, is not possible. 

    What you can do is replace the default self-signed certificate with your own.

     

     

     

Comments

  • tletle Posts: 16

    Is there a guide somewhere on HOW TO CHANGE THE CERTIFICATES? PM 12.10 Admin guide did not help at all, there's not even a mention about them in the whole manual.. very poorly documented.

  • Same here. i'd also would like to see a sort of manual on how to create a keystore with a signed cert and use that for PMS. Reading through manuals does not shed a light on what the requirements are so pms picks up the key from the store

  • Fellows, 

     

    please find the attached  instruction on how to provide a custom certificate to the Policy Manager Server. Please note, though, that this instruction describes the specific case of importing the certificate in PKCS12  format. For more information, please see the Oracle's documentation on 'keytool' utility: 

    http://docs.oracle.com/javase/6/docs/technotes/tools/solaris/keytool.html

     

This discussion has been closed.