How to replace the certificate that is using Reporter web console ?
Article ID: 217112
Updated On: 06-10-2021
Products
Issue/Introduction
Requested Certificate Signing Request(CSR) for Certificate Authority(CA) then receive the server certificate from CA.
How to install this server certificate to use for Reporter web console access ?
Environment
Release : Reporter 10.6.2.1
Component : Web Management Console
Resolution
Reportetr's web console setting relate the "default" ssl-context.
You need replace the current keyring named default and certificate named default in the ssl-context "default" if you want to use server certificate issued by 3rd party bender.
This is step replace the certificate that is using Reporter web console
1.Prepare the 2 item
- private key : It will be created when you requested server certificate for CA.
- server certificate : Revived it from CA
2.Install(replace) Private key for Reporter when it created CSR.
This process use command "inline keyring" by ssl config mode.
reporter(config-ssl)# inline keyring default
Enter the keyring below and end it with a Ctrl-D
copy/past the private key info from -----BEGIN RSA PRIVATE KEY----- to -----END RSA PRIVATE KEY-----.
[Note] Don't use the encrypted Private key data which is start "--- BEGIN ENCRYPTED PRIVATE KEY ---".
Reporter expect decrypted Private key data.
3.Install (replace) Server Certificate issue by CA.
This process use command βinline certificateβ by ssl config mode.
Reporter confirm replace or not please input βyesβ this confirmation.
reporter(config-ssl)# inline certificate default
Enter the certificate below and end it with a Ctrl-D
copy/past the server certificate info from -----BEGIN CERTIFICATE----- to -----END CERTIFICATE-----.
Input "yes" when Reporter confirm "Would you like to replace it?" .
A certificate already exists for keyring default. Would you like to replace it? (yes/no) [no]: yes
Additional Information
[Command sample the step2]
reporter(config-ssl)# inline keyring default
Enter the keyring below and end it with a Ctrl-D
-----BEGIN RSA PRIVATE KEY-----
MIIEowIBAAKCAQEA5/ftRkeg4Jef4JaWIft/89yCISHyOyZ07iiKWdfD23kipYdp
76iPN7Nkf//CmZSU7SPNSc0wTbV6Xhb/lfx8OB8xoLkHWuJSbpt8
-----END RSA PRIVATE KEY-----
ok
reporter(config-ssl)#
[Command sample the step3]
reporter(config-ssl)# inline certificate default
Enter the certificate below and end it with a Ctrl-D
-----BEGIN CERTIFICATE-----
MIIEWzCCA0OgAwIBAgIBBjANBgkqhkiG9w0BAQsFADCBqzELMAkGA1UEBhMCSlAx
O7Gif4bhe/CJ7hR1aFOPuQHpRFlfAtc4c5VZXBTJwh+hhPkUjrS3k4fpASqaOBku
aDnwQPAiUwQ7UXRVKgTA
-----END CERTIFICATE-----
A certificate already exists for keyring default. Would you like to replace it? (yes/no) [no]: yes
ok
reporter(config-ssl)#
Feedback
