Steps to create a signed certificate for Operator Console/Cabi/ Admin Console to avoid privacy errors in the browsers " Your connection is not private ", and "NET::ERR_CERT_AUTHORITY_INVALID"
Release : All supported versions
The process below will help you create and import a server certificate signed by your root CA and trusted by the browsers.
The same steps apply to the wasp probe to Cabi, Admin Console, and Operator Console.
Verify the following prerequisites before continuing:
- You are an administrative user with access to Infrastructure Manager.
- Wasp probe is configured to use HTTPS.
- Access to the server you want to create the certificate for.
Part 1: Create a password for wasp.keystore:
1. SSL reinitializes keystore (wasp callback) to reset the wasp.keystore
Follow these steps:
A- Open Infrastructure Manager.
B- Navigate to the robot you want to create the certificate for.
C- Click on the wasp probe to highlight it.
D- Press Ctrl+<P> to open the probe utility.
E- In the drop-down list under the Probe command set, select ssl_reinitialize_keystore.
F- Enter a new password as an argument.
Use a password that is at least six characters long. The wasp probe utility will not prevent you from using a shorter password. save this password as you will need to use this password in the next steps.
G- Click the green play button to run the callback.
H- The Command status bar displays the text OK.
Securely record the password you set for future use.
dir /b/s keytool.exe
3. Add the directory where keytool.exe resides to the PATH variable.
use the keytool that with Nimsoft location
4. go to Nimsoft\probes\service\wasp\conf:
cd C:\Program Files\Nimsoft\probes\service\wasp\conf
5. Verify you can access wasp.keystore, run the list command
keytool -list -alias wasp -keystore wasp.keystore
the keystore password is what you created in Part 1
Part 3:Create keypair and CSR:
1 . Run the below command to delete the automatically generated wasp keystore certificate, the password is what you created in Part 1
keytool -delete -alias wasp -keystore wasp.keystore
keytool -list -keystore wasp.keystore
keytool -genkeypair -alias wasp -keyalg RSA -keysize 2048 -keystore wasp.keystore -validity 999
keytool -certreq -alias wasp -validity 999 -keystore wasp.keystore -file certificate_filename.csr -ext SAN=dns:server.test.com,ip:18.104.22.168
We highly recommend taking a backup of the wasp.keystore at this point
keytool -import -file <CA root certificate file> -alias rootCA -keystore wasp.keystore -trustcacerts
keytool -import -file <CA Intermediate certificate file> -alias Intermediate -keystore wasp.keystore -trustcacerts
keytool -import -alias wasp -file <CA signed certificate file> -keystore wasp.keystore