08-28-2012 12:25 PM
The server name was recently changed on our Airwave server. The self signed CERT now shows the previous name of the server in the CERT, thus we get an error when connecting to the Airwave server. I assume that a new self signed cert would have to be created so we won't get this error anymore. What is the process to create a new CERT on the Airwave server?
Solved! Go to Solution.
08-29-2012 03:15 AM - edited 08-29-2012 04:00 AM
Try the below commands to generate the new cert. Replace <hostname> with fully qualified domain name or ip address.
- sed s/"localhost.localdomain"/"<hostname>"/ /root/svn/mercury/lib/conf/openssl.cnf > /tmp/openssl.cnf
- /usr/bin/openssl req -new -key /etc/httpd/conf/ssl.key/server.key -x509 -days 1827 -out /etc/httpd/conf/ssl.crt/server.crt -config /tmp/openssl.cnf 2> /dev/null
- cat /etc/httpd/conf/ssl.crt/server.crt > /etc/httpd/conf/ssl.pem
- echo '' >> /etc/httpd/conf/ssl.pem
- cat /etc/httpd/conf/ssl.key/server.key >> /etc/httpd/conf/ssl.pem
- chmod 0600 /etc/httpd/conf/ssl.pem
- chown root.root /etc/httpd/conf/ssl.pem
- make deploy_httpd_conf >> /tmp/amp-install.log 2>&1
- service httpd restart > /dev/null
- service pound restart > /dev/null
Re: New Cert on Airwave
08-29-2012 01:17 PM
Thanks for the quick reply. I ran the commands you provided but still have a problem. In the command "sed s/"localhost.localdomain"/"<hostname>"/ /root/svn/mercury/lib/conf/openssl.cnf > /tmp/openssl.cnf"" ,what should I put in for the localhost.localdomain?
I tried putting in the server name and domain but in the Certificate Information in the browser, the issued to and issued by both show localhost.localdomain regardless of what I put in. in the command above. What am I missing here?