- SSH to DLP:
Login as dlpremote
Loging as su
browse to directory: cd /usr/share/tomcat60/conf/
Generate the Private RSA key : openssl genrsa -des3 -out example.key.com 2048
Generate the Certificate Signing Request : openssl req -new -key example.key.com -out example.csr
(Optional) Remove the pass phrase on the RSA private key: openssl rsa -in example.key.com -out example.key
Get the csr out , you can use command : nano example.csr
- After the previously generated CSR has been signed by an Internal Microsoft PKI or a Public CA , now you can import and replace the default Certificate on the DLP.
- Backup /usr/share/tomcat60/conf/mycert.p12.
- Copy the new.p12 to mycert.p12.
- Verify permissions are the same as the original mycert.p12
- Edit /usr/share/tomcat60/conf/server.xml. Search for keystorePass, and edit the value that follows it to your p12 file password.
- Restart tomcat.
# cgnmgr restart tomcat