Create a CSR on Reporter 10.x and 11.0.x
search cancel

Create a CSR on Reporter 10.x and 11.0.x

book

Article ID: 245796

calendar_today

Updated On:

Products

Reporter-S500 Reporter-VA Reporter

Issue/Introduction

Create a Certificate Signing Request (CSR) on Reporter and import the certificate to Reporter once signed.

Resolution

There are three steps to creating and importing the signed CSR:

  1. Creating the CSR
  2. Importing the signed CSR
  3. Loading the signed CSR to be used by Reporter

1. Create the CSR

To create a CSR, login via the CLI, then enter configure mode.

Once in configure mode, execute the following command to create the CSR:

reporter(config)#ssl create signing-request default subject
 
then hit <Enter>.

You will be asked for "Value for 'subject' (<Certificate subject>):"

Enter:  C=US,ST=CA,O=YourCompanyName,CN=reporter.yourdomain.local,OU=1xxxxxxxx6 

Note: Ensure you add the serial number as the OU in the cert.

For example:

Value for '' (<Country Code>): US
Value for '' (<State or Province Name (full name)>): CA
Value for '' (<Organization Name (eg company)>): YourCompanyName
Value for '' (<Organizational Unit Name (eg section)>): Serial number of Reporter
Value for '' (<Common Name (eg reporter FQDN or IP address )>): reporter.yourdomain.local

You can change the fields to reflect your company's data.

Once created, use the command "ssl view signing-request default" and copy the output (the signing request) to get signed.

Work with your Certificate Authority Team to sign the CSR with your root CA.

The root CA should be trusted to your browser, Management Center (MC), or any other device communicating with reporter.

You must use the default key to generate the CSR.  If you don't use the default key, Reporter will not use that certificate for the GUI. 

2. Import the signed CSR

Once the CSR is signed, and you have the signed certificate, open the signed certificate in a plain text editor, such as Notepad.

Copy the contents or the text file, and use the command below (from config mode) to import it to the reporter:   

reporter(config)# ssl inline certificate default

Hit <Enter>, paste the certificate, then hit <Enter> once more to go to the next line. Then hit <Ctrl + D> to exit. 

3. Load the signed CSR

To load certificate please use one of the following options:

  1. The preferred method is to stop and restart the Reporter process executing the following from enable mode:

    reporter# stop-reporter
    Are you sure? (y/N): y
    Reporter stopped.
    reporter# start-reporter
    Reporter starting.

    If you utilize the FTPS service to upload logs to the reporter, please re-enable the FTPS feature on the Reporter to load the certificate.

  2. Alternatively, reboot Reporter using the "restart" command

    reporter# restart



Powered by Wolken Software