Providing an SSL Certificate
467
Titan SiliconServer
Providing an SSL Certificate
Both the Titan and SMU are pre-configured with default SSL certificates. These default
certificates should provide an acceptable level of security for most users. For added security,
this certificate may be replaced with a certificate signed by a Certificate Authority (e.g.
Verisign).
Requesting and Generating Certificates
To request a certificate from a certificate authority (CA):
1.
Generate a custom private key [optional].
2.
Generate a Certificate Signing Request (CSR).
Generating a Private Key
The SMU already contains a default private key from which a CSR may be generated. It uses
default BlueArc values:
•
Common Name (CN) uses the SMU’s hostname but other values are BlueArc specific
e.g. OU=., O=BlueArc, L=San Jose, ST=CA, C=US
•
Valid for 3650 days (10 years).
•
Key length of 2048 bits.
To view these values by displaying the SMU's default certificate, type the following at the SMU
CLI:
cert-showall.sh
If other values
must
be used, a custom private key may be generated via the following steps:
1.
Log onto the SMU (through ssh or through its serial port) as the user manager, then
type:
sudo cert-gencustom.sh
Enter the manager user’s password when prompted.
Delete Package
To delete a package, select it from the list and click the Delete
Package button.