Create and import custom certificate for Reporter 10.2.x

book

Article ID: 170680

calendar_today

Updated On:

Products

Reporter-S500 Reporter-VA

Issue/Introduction

Reporter 10.2.x adds the ability to create and import a custom certificate to be used to secure the Reporter management interface and FTPS server.
 

Resolution

Reporter 10.2.x requires the certificate and key to be converted to a PKCS12 certificate.

This example uses OpenSSL on Linux.

Create the Certificate:
 

  1. Generate the certificate and key.  The OU must be the Reporter serial number.  The CN must be the device IP or hostname.  This example creates a certificated called "newcert" and a key called "newkey".  This certificate is valid for 365 days.

 
openssl req -x509 -nodes -days 365 -newkey rsa:2048 -sha256 -keyout newkey -out newcert -subj /O=Reporter/OU=4xxxxxxxx1/CN=192.168.1.10
 

  1. Convert the certificate and key into PKCS12 format.  The key name must be exported as "defaultcertkey"This example combines the certificate and key created in step one.  It will create a new certificate called "reportercert.p12" with the password of "testing".

 
openssl pkcs12 -export -name defaultcertkey -in newcert -inkey newkey -out reportercert.p12 -passout pass:testing

You can now host this certificate on your web server and import it into Reporter.  Use the command: security import-server-certificate <URL>

example: security import-server-certificate http://192.168.23.10/reportercert.p12