Skip to main content
  1. Home >
  2. Products >
  3. Computing Products >
  4. Servers >
  5. Fujitsu SPARC servers >
  6. Downloads >
  7. User Manuals >
  8. Fujitsu SPARC M12 and Fujitsu M10/SPARC M10 System Operation and Administration Guide >
  9. 3.8.6 Configuring a Self-Signed Certificate Authority and Creating a Web Server Certificate

3.8.6 Configuring a Self-Signed Certificate Authority and Creating a Web Server Certificate


3.8.6 Configuring a Self-Signed Certificate Authority and Creating a Web Server Certificate
With Neither a Web Server Secret Key nor a Self-Signed Web Server Certificate
  1. Execute the sethttps command with the -c enable option specified to start the HTTP service.
XSCF> sethttps -c enable
Continue? [y|n] : y
The command automatically configures self-signing, generates a Web server secret key, creates a Web server certificate, and enables HTTPS to complete this processing at one time.
With a Web Server Secret Key and Self-Signed Web Server Certificate
The existing Web server secret key and certificate will be overwritten.
  1. Execute the sethttps command with the DN specified to create a self-signed Web server certificate.
    The following example specifies the -c selfsign option along with the DN (JP, Kanagawa, Kawasaki, Example, development, scf-host, abc@example.com) to create a self-signed Web server certificate.
XSCF> sethttps -c selfsign JP Kanagawa Kawasaki Example
development scf-host abc@example.com
CA key and CA cert already exist. Do you still wish to update? [y|n] :y
Enter passphrase: xxxxxxxx
Verifying - Enter passphrase: xxxxxxxx
  1. Execute the showhttps command with the -t option specified, and confirm that the Web server certificate has been created.
XSCF> showhttps -t
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            cb:92:cc:ee:79:6c:d3:09
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=JP, ST=Kanagawa, O=Fujitsu, OU=Fujitsu, CN=XSCF
        Validity
            Not Before: May 24 07:15:17 2017 GMT 
            Not After : May 22 07:15:17 2027 GMT
        Subject: C=JP, ST=Kanagawa, O=Fujitsu, OU=Fujitsu, CN=XSCF/emailAddress=hoge@hoge
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:c7:5f:f1:61:ad:ba:4b:64:25:7e:49:ba:7a:6c:
                    d4:5c:b1:8c:2d:15:9f:8a:2f:70:c8:cc:4a:3d:2c:
                    bd:0a:b7:f8:1d:4a:12:93:ea:22:d5:be:85:69:d7:
                    0b:31:a8:1a:ae:34:c6:f6:e8:a1:c8:cc:02:08:be:
                    bc:2b:e9:34:8f:f2:ee:4a:93:26:a0:47:93:7e:b7:
                    f8:3f:73:24:55:45:02:14:f7:c2:d8:56:f7:a1:cf:
                    2f:2d:3e:d4:ff:05:1a:82:25:34:1f:f2:1a:83:91:
                    a7:35:98:7d:2a:92:53:6b:19:75:91:86:b5:2e:ef:
                    :
                    :
  1. Execute the sethttps command to enable HTTPS.
XSCF> sethttps -c enable
Continue? [y|n] : y
  1. If the system has multiple XSCFs, the settings are automatically reflected by the standby XSCF.