...
| Code Block |
|---|
| language | bash |
|---|
| title | Copy Certificates |
|---|
| firstline | 1 |
|---|
|
# Copy the files to the correct locations
cp ca.crt /etc/pki/tls/certs/ca.crt
cp ca_bundle.crt /etc/pki/tls/certs/ca_bundle.crt
cp ca.key /etc/pki/tls/private/ca.key |
| Code Block |
|---|
# (1.9)
ssl.passphrase= |
The following settings should also be updated to use the new "https://" addresses.
| Code Block |
|---|
# (1.4)
url.root=
# (1.14)
ui.end.point.url= |
The keystore generated under "Creating a certificate" should be named "tomcat.keystore" and moved into "/usr/tomcat/share" on each machine running an Interface Engine. The file should be owned by the tomcat user. The Interface Engine can then be restarted ("service tomcat6-interface-engine restart").
Finally, if the deployment is in the Amazon AWS Cloud, and a load balancer is used for resilience/performance, then the load balancer needs to be reconfigured to use HTTPS (including uploading a certificate). This process is described here.After the certificates and private key are copied to the correct location, the next step will be to edit apache's SSL configuration file (ssl.conf).
| Code Block |
|---|
| language | bash |
|---|
| title | Edit SSL.conf |
|---|
|
vi /etc/httpd/conf.d/ssl.conf |