Open topic with navigation

Generating a Self-Signed Certificate

This topic applies to both Software Logger and the Logger Appliance.

Your appliance ships with a self-signed certificate so that an SSL session can be established the first time you connect. This type of certificate does not require signing from another entity and can be used immediately.

To generate a self-signed certificate:

  1. Click System Admin from the top-level menu bar.
  2. Click SSL Server Certificate from the Security section in the left panel to display the Generate Certificate/Certificate Signing Request page.
  3. Click the Generate Certificate tab.  

  4. From the Enter Certificate Settings field, enter new values for the following fields:

    Parameter

    Description

    Country

    A two-letter country code, such as ‘US’ for the United States.

    State/Province

    State or province name, such as ‘California.’

    City/Locality

    City name, such as ‘Sunnyvale’.

    Organization Name

    Company name, governmental entity, or similar overall organization.

    Organizational Unit

    Division or department within the organization.

    Hostname

    The host name or IP address of this system.

    When specifying the host name, make sure that this name matches the name registered in the Domain Name Service (DNS) server for the system. On the Logger Appliance, this name must be identical to the host name specified in NICs.

    Note: If the host name or IP address of this system changes in the future, you must generate a new self-signed certificate or CSR. Once a new certificate is obtained, you must upload it to ensure that the connectors (in FIPS mode) which communicate with the system are able to validate the host name.

    Email Address

    The email address of the administrator or contact person for this CSR.

    Private Key Length

    Select the length (in bits) of the private key: 1024, 2048, 4096, or 8192.

    Use the first two buttons to generate a CSR or a self-signed certificate. The View Certificate button is only used to view the resulting certificate.

    Button

    Description

    Generate CSR

    Click to generate a Certificate Signing Request (CSR).

    Generate Certificate

    Click to generate a self-signed certificate.

    View Certificate

    Click to view the generated certificate.

  5. Click the Generate Certificate button to generate the self-signed certificate.

    Note: The Apache server restarts while generating the certificate. You may get an error communicating to the web server while this is happening. This is expected behavior, and communication is automatically restored once Apache is back up.

  6. Click Ok to confirm generation.
  7. Click the View Certificate button to view the PEM-encoded self-signed certificate.

Concept Link IconSee Also