3.8.6 Configuring a Self-Signed Certificate Authority and Creating a Web Server Certificate
3.8.6 Configuring a Self-Signed Certificate Authority and Creating a Web Server Certificate
With Neither a Web Server Secret Key nor a Self-Signed Web Server Certificate
- Execute the sethttps command with the -c enable option specified to start the HTTP service.
XSCF> sethttps -c enable Continue? [y|n] : y |
The command automatically configures self-signing, generates a Web server secret key, creates a self-signed Web server certificate, and enables HTTPS to complete this processing at one time.
With a Web Server Secret Key and Self-Signed Web Server Certificate
The existing Web server secret key and certificate will be overwritten.
- Execute the sethttps command with the DN specified to create a self-signed Web server certificate.
The following example specifies the -c selfsign option along with the DN (JP, Kanagawa, Kawasaki, Example, development, scf-host, abc@example.com) to create a self-signed Web server certificate.
XSCF> sethttps -c selfsign JP Kanagawa Kawasaki Example development scf-host abc@example.com CA key and CA cert already exist. Do you still wish to update? [y|n] :y Enter passphrase: xxxxxxxx Verifying - Enter passphrase: xxxxxxxx |
- Execute the showhttps command with the -t option specified, and confirm that the Web server certificate has been created.
XSCF> showhttps -t Certificate: Data: Version: 3 (0x2) Serial Number: cb:92:cc:ee:79:6c:d3:09 Signature Algorithm: sha256WithRSAEncryption Issuer: C=JP, ST=Kanagawa, O=Fujitsu, OU=Fujitsu, CN=XSCF Validity Not Before: May 24 07:15:17 2017 GMT Not After : May 22 07:15:17 2027 GMT Subject: C=JP, ST=Kanagawa, O=Fujitsu, OU=Fujitsu, CN=XSCF/emailAddress=hoge@hoge Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: 00:c7:5f:f1:61:ad:ba:4b:64:25:7e:49:ba:7a:6c: d4:5c:b1:8c:2d:15:9f:8a:2f:70:c8:cc:4a:3d:2c: bd:0a:b7:f8:1d:4a:12:93:ea:22:d5:be:85:69:d7: 0b:31:a8:1a:ae:34:c6:f6:e8:a1:c8:cc:02:08:be: bc:2b:e9:34:8f:f2:ee:4a:93:26:a0:47:93:7e:b7: f8:3f:73:24:55:45:02:14:f7:c2:d8:56:f7:a1:cf: 2f:2d:3e:d4:ff:05:1a:82:25:34:1f:f2:1a:83:91: a7:35:98:7d:2a:92:53:6b:19:75:91:86:b5:2e:ef: : : |
- Execute the sethttps command to enable HTTPS.
XSCF> sethttps -c enable Continue? [y|n] : y |
- If the system has multiple XSCFs, the settings are automatically reflected by the standby XSCF.
< Previous Page | Next Page >