3.11.2 Flow of obtaining certificates for SSL communication for the smart device manager
From a Certificate Authority, obtain certificates (root certificate and server certificate) for SSL communication for the smart device manager.
The flow of obtaining certificates for SSL communication for the smart device manager is as follows:
-
Create a private key for the Web server (openssl.bat genrsa command).
Specify the file containing the created private key for the Web server in the SSLCertificateKeyFile directive.
-
Create a Certificate Signing Request (CSR) (openssl.bat req command).
-
Display the contents of a Certificate Signing Request (CSR) (openssl.bat req command).
If necessary, check the contents of the Certificate Signing Request (CSR).
-
Send the CSR to the CA.
-
Acquire a certificate from the CA.
- Tip
-
You can use the openssl.bat x509 command to check the contents of the certificate you obtained.
- Tip
-
In the certificate you obtained, save the part from -----BEGINCERTIFICATE----- to -----END CERTIFICATE---- in another file (httpsd.pem file defined in httpsd.conf provided as standard). Defining this file for the SSLCertificateFile directive enables use of SSL.
- Important
-
The obtained certificates must also be set up on the JP1/IT Desktop Management 2 management server.
Related Topics
-
G.1 Creating a private key for the Web server (openssl.bat genrsa command)
-
G.2 Creating a Certificate Signing Request (CSR) (openssl.bat req command)
-
G.3 Displaying the contents of a Certificate Signing Request (CSR) (openssl.bat req command)
-
G.4 Displaying certificate contents (openssl.bat x509 command)
-
G.5 Converting the certificate format (openssl.bat x509 command)