Locating the Certificates

This procedure describes how to locate the certificates and find the certs directory. This is used for both self-signed digital certificates andtrusted internal CA certificates.

Verify the OpenSSL Version

Verify the Open SSL version.

For information about the latest stable version and vulnerabilities, see www.openssl.org.

  • Run the following command:

    openssl version

    The version number is returned. For example:

    OpenSSL 1.0.1a 15 Oct 2015

Find the path to the trusted certificates

  1. Run the following command:

    $ openssl version -d

    The resulting output is the the OpenSSL certificate path for your operating system.

    For example:

    • OPENSSLDIR: "/etc/sfw/openssl" (Solaris)

    • OPENSSLDIR: "/var/ssl"(AIX)

    • OPENSSLDIR: "/etc/pki/tls" (RHEL)

    • OPENSSLDIR: "/etc/ssl"(SLES)

    • OPENSSLDIR: "/usr/lib/ssl" (Ubuntu)

  2. Verify the directory "certs" exists by using the list directory command:

    ls

  3. If there is no certs directory, create it by running the command:

    mkdir certs

  4. Navigate to the cert directory in the located path by running the command:

    cd certs

    The next step in configuring the Unix/Linux Agent to use SSL, is to install a Self-Signed Digital Certificate or Trusted Internal CA Certificate.