Installing a Custom Security Certificate
The ztC Endurance management server automatically initializes itself with a self-signed SSL certificate, allowing communications to the management server to be encrypted without the identity of the certificate holder being verified by a third party. To view details of this certificate, click the warning icon on the left side of the browser's address bar.
If you prefer to install a custom certificate on the server, run the certificate_installer script. You can also use this script to revert to the default certificate or to display the current certificate.
The installation script is located in /opt/stratus/sbin/ and must be run as root. The installer requires a key file containing the private key in addition to the certificate file. Both files must have the .pem format.
Installation script usage:
$ sudo /opt/stratus/sbin/certificate_installer.sh To install/recover/display the certificate: Usage: sudo /opt/stratus/sbin/certificate_installer.sh [Option] -d, displays current certificate -r, recovers to default certificate -c [PATH to certificate.pem] -k [PATH to key.pem], installs the customer certificate -h, displays help $
certificate_installer script automatically restarts the management server after any operation that changes the certificate, so you do not need to perform a manual restart after installation. To install a custom certificate
-
Copy your new, valid certificate and key
.pemfiles to the/tmpdirectory of the ztC Endurance console virtual machine. -
Issue the following command:
$ sudo /opt/stratus/sbin/certificate_installer.sh -c/tmp/cert.pem -k/tmp/key.pem
To revert to the default certificate
$ sudo /opt/stratus/sbin/certificate_installer.sh -r
To display information about the currently used certificate
$ sudo /opt/stratus/sbin/certificate_installer.sh -d
Product Support