How to create your own self-signed certificates to use with Malware Analysis Appliance (MAA)

book

Article ID: 168195

calendar_today

Updated On:

Products

Malware Analysis Software - MA

Issue/Introduction

Resolution

You will need the new certificates in the following formats with the following exact names:

A non-encrypted OpenSSL key file 'localhost.key'
A matching OpenSSL X509 certificate in PEM format 'localhost.pem'
 
The UI SSL certs are located in /etc/mag2/ssl

1)      Login to the appliance via SSH as user 'g2' then change to root 'sudo su -'
2)      Move all of the files in "/etc/mag2/ssl" to another location

$ cd /etc/mag2/ssl
$ mkdir bluecoat-original
$ mv localhost.* bluecoat-original/


3)      Place the new cert files (localhost.key and localhost.pem) in /etc/mag2/ssl 
4)      Restart web services
 
$ supervisorctl restart web-router:*
$ web-router-80: stopped
$ web-router-443: stopped
$ web-router-443: started
$ web-router-80: started


5)      If web-router-443 does not start back up i.e. 'ERROR (abnormal termination)', that indicates that Apache could not load the certificate (probably incorrect format, wrong name, etc.).