SSL server certificate for Apache server

Infrastructure Management Server installs a SSL-enabled Apache Server. The SSL Web server uses a self-signed certificate that must be replaced before HTTPS protocol is used.

SSL connection support requirements

Infrastructure Management supports 128-bit encryption of the SSL (secure socket layer) scheme. However, the following rules apply:

• Only the following connections are secured:
  • Agent to Agent Controller
  • Administration Console to JServer
  • HTML client (browser) to web server
• Certificate Revocation (CRL) is not implemented.
• All agents and remote modules share the same key pair and certificate.
• By default, all customers are shipped the same keys and certificates.
• All keys and certificates have a validity period of 5907 days from the start date: 6/11/2014.
• Only JKS (shipped with the JRE) key store format is supported.
• By default, the server allows both authenticated and non-authenticated connections. However, that can be changed through a property.
• Manual steps are required on the remote modules before they can use certificates issued by a different CA. No support is provided for this.