Configuring a Self-Signed Certificate

This procedure describes how to configure a self-signed certificate for HTTPs communication on Unix/Linux.

Use this procedure before configuring a Unix/Linux Agent to use SSL.

and Configuring a Unix Linux Agent to Use SSL

1. Open PowerShell as an Administrator and execute the following commands to create a root certificate and a site certificate.

2. Create a root certificate:

   $rootCert = New-SelfSignedCertificate -DnsName "Your Company Name Dev Root CA" -CertStoreLocation cert:\LocalMachine\My -KeyUsage DigitalSignature,CertSign

3. Create a site certificate:

   New-SelfSignedCertificate -CertStoreLocation cert:\LocalMachine\My -DnsName "*.local.net" -Signer $rootcert -KeyUsage KeyEncipherment,DigitalSignature -NotAfter (Get-Date).AddYears(10)

   In the example:

   DnsName for root certificate is "OIT Root CA"

   DnsName for site certificate is "*.local"

   

4. After you've created both certificates, run mmc.exe to open Microsoft Management Console (MMC).

5. From MMC, select File > Add/Move SnapIn to add the certificate.

6. Copy the created root certificate from the Personal Certifcate folder to the Trusted Root Certification Authorities > Certificates folder.

   

7. Assign the new self-signed certificate to ObserveIT Application Server.