To generate a Certificate Signing Request (CSR), there are two available methods that you can use:
- Log on to the Enterprise Security Manager console.
- Click System, Properties, ESM Management.
- Click Certificate, Signed Certificate Request, Generate.
- Alternative method:
You can use any generic Apache SSL CSR to create the .crt and .key files that are needed for the NitroView Certificate to generate an SSL key. To generate a CSR, you can use the OpenSSL utility commonly found on Linux systems as follows:
- From a command prompt on the Linux system, type the following commands, and press Enter after each one:
openssl genrsa -des3 -out server.key 1024
(You need a password to create the key. When the key is created, you see a server.key file in the root directory.)
openssl rsa -in server.key -out servernopass.key
openssl req -new -key servernopass.key -out server.csr
(You can populate the fields, but we recommend that you leave them blank. They aren’t needed for the SSL key creation. Also, leave the password field blank so NitroView can generate an SSL cert.)
- After you generate your CSR, you can use it to generate a .crt (Base64/PEM-encoded certificate file).
- Upload the .crt file and the servernopass.key file to the ESM. Click System, Properties, ESM Management, Certificate, Upload.