Generating SSL certificates
Use these steps to generate SSL certificates:
- Prepare a suite of certificates for the security server's SSL connection.
- On the Server Administration > Security Server tab > Firewall tab select Enable RMI Registry for SSL, and then select Generate SSL Certificates.
- This opens the Generate SSL Certificates dialog box. Add the CA Certificate Location, Customer Name, and Password.
-
Click OK to generate the certificate for the security server SSL
connection. Ensure the CA and generated certificate meet the requirements.
Requirements are:
- Key size of CA cannot be greater than 1024; otherwise, an exception results.
- Key type is DSA. The size is 512 or 1024 (preferred).
- Signature algorithm is
sha1WithDSA
.
- Place them in security/certs/ssl.