Skip to Content
Information
Unsupported content This version of the documentation is no longer supported. However, the documentation is available for your convenience. You will not be able to leave comments.

Configuring SSL for Linux Platform Manager

This topic provides instructions for configuring SSL for Linux Platform Manager.

To configure SSL for Linux Platform Manager

  1. Download OpenSSL.
     See this website to obtain a tar file for OpenSSL.
  2. Copy the installation package to the location where you want to install OpenSSL, and run the following command to unpack the tar file:
    tar -xf openssl-0.9.8c.tar.gz
  3. Navigate to the directory where OpenSSL is installed and create the following directories with read, write, and execute permissions:
    • demoCA
    • demoCA/certs
    • demoCA/crl
    • demoCA/newcerts
    • demoCA/private
  4. Run the following commands to copy files between directories:
    cp apps/demoCA/index.txt demoCA/index.txt
    cp apps/demoCA/serial demoCA/serial

  5. In the /etc/pki/tls/openssl.conf file, edit the CA_default section so it identifies the location of /demo directory. 


    [ CA_default ]
    dir      = <openssl_install_dir>/demoCA       # Where everything is kept

To generate a CA certificate

  1. Enter the following command:
    openssl req -new -x509 -days 365 -keyout cakey.pem -out cacert.pem
  2. When prompted, enter a pass phrase.
  3. When prompted, repeat the pass phrase to confirm your entry.
  4. When prompted, provide the requested information or enter a dot to leave the field blank.
  5. When prompted for a common name, enter the host name or IP address of the Linux Platform Manager host.
     OpenSSL generates a cakey.pem and a cacert.pem file in the same directory where you have installed OpenSSL.

To generate an SSL certificate request

  1. Enter the following command:
    openssl req -new -nodes -out req.pem -keyout reqkey.pem
  2. When prompted, enter a pass phrase.
  3. When prompted, repeat the pass phrase to confirm your entry.
  4. When prompted for additional information, provide the requested information or enter a dot to leave the field blank.
  5. When prompted for a common name, enter the host name or IP address of the Linux Platform Manager host.

To generate a signed SSL certificate

  1. From the directory where OpenSSL is installed, run the following commands to copy files between directories:
    cp cakey.pem openssl-0.9.8c/apps/demoCA/private/.
    cp cacert.pem openssl-0.9.8c/apps/demoCA/private/.
  2. Enter the following command:
    openssl ca -out cert.pem -infiles req.pem
  3. When prompted, enter a pass phrase.

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*

BMC Cloud Lifecycle Management 3.0