Installing a Security Certificate for the Dell EMC Isilon Management Pack
Article ID: 334237
Updated On:
Products
Issue/Introduction
The installation documentation to test the install of the security certificate in Isilon is incorrect for some systems.
After installing it indicates testing on port 8080, which is API and WebUI enabled.
However, by default it only installs the certificate into port 8081, which is an API only port.
This is a snippet from the "/usr/local/apache2/conf/webui_httpd.conf" file showing the API port 8081 configuration.
<VirtualHost _default_:8081>
SSLEngine on
SSLInsecureRenegotiation on
SSLCertificateFile /usr/local/apache2/conf/ssl.crt/server.crt
SSLCertificateKeyFile /usr/local/apache2/conf/ssl.key/server.key
<VirtualHost _default_:8080>
SSLEngine on
SSLCertificateFile /ifs/.ifsvar/modules/isi_certs/store.system/server/cert/c2013728637dddf9f44d57cee5e12765581fe885f52eedfffd19879fe18399aa.cert
SSLCertificateKeyFile /ifs/.ifsvar/modules/isi_certs/store.system/server/key/c2013728637dddf9f44d57cee5e12765581fe885f52eedfffd19879fe18399aa.key
Notice that the certificate and private key files are some type of hash in this example, and in a completely different location than the instructions give for enabling a custom certificate.
In the next example, we've commented out the hash lines and made new entries that are the same as they are for port 8081, thus enabling the certificate on 8080 as well.
<VirtualHost _default_:8080>
SSLEngine on
#SSLCertificateFile /ifs/.ifsvar/modules/isi_certs/store.system/server/cert/c2013728637dddf9f44d57cee5e12765581fe885f52eedfffd19879fe18399aa.cert
#SSLCertificateKeyFile /ifs/.ifsvar/modules/isi_certs/store.system/server/key/c2013728637dddf9f44d57cee5e12765581fe885f52eedfffd19879fe18399aa.key
SSLCertificateFile /usr/local/apache2/conf/ssl.crt/server.crt
SSLCertificateKeyFile /usr/local/apache2/conf/ssl.key/server.keyEnvironment
Feedback
