ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Importing a certificate for the Content Analysis System (CAS) web management console

book

Article ID: 172089

calendar_today

Updated On:

Products

Content Analysis Software - CA CAS-VA CAS-S200 CAS-S400 CAS-S500

Issue/Introduction

Demonstration of securing the CAS web management console with a certifcate you import.

Resolution

The steps below are shown with openssl and Microsoft PKI to accomplish this task:

1. Generate RSA key (private key) for certificate, and certificate signing request:

openssl req -out server.csr -new -newkey rsa:2048 -nodes -keyout server.key

2. Take the CSR, and sign with Microsoft PKI with basic Web Server signing request. Download the Chain in base64 format.

3. Take newly generated p7b file, and generate a crt file

openssl pkcs7 -print_certs -in certnew.p7b -out certnew.crt

Note: This file still doesn't contain the key.. so we need to include it

4. Use the crt file in conjunction with generated key to convert to pkcs12:

openssl pkcs12 -export -out cert.p12 -inkey server.key -in certnew.crt

5. Import into CAS with the password generated in step 4.

Note: These steps are not the only way to approach the signing and importing a certifcate.
These steps only demonstrate the use of openssl and Microsoft PKI system to accomplish the task
and provide the general idea of the steps necessary to import a certificate for the web management
console. Different tools will have different steps.