When you installed the i-Planet software, you created and installed a self-signed SSL certificate. At some point after installation, you might want to generate a new self-signed certificate; you might want to change the information for the certificate you entered during the original installation, for example.
As root, run the certadmin script on the i-Planet gateway:
# /opt/SUNWsnrp/bin/certadmin |
The Certificate Administration menu is displayed:
1) Generate Self-Signed Certificate 2) Generate Certificate Signing Request (CSR) 3) Add Root CA Certificate 4) Install Certificate from Certificate Authority (CA) 5) Quit choice: [5] |
Enter 1 on the Certificate Administration menu to generate a self-signed certificate.
The Certificate Administration script prompts you to enter specific information about your organization and a passphrase for the self-signed certificate:
What is the fully qualified DNS name of this host? [hostname.domainname] What is the name of your organization? [] What is the name of your organizational unit? [] What is the name of your City or Locality? [] What is the name of your State or Province? [] What is the two-letter country code for this unit? [] ... Enter passphrase [] |
Enter the information for your organization and a passphrase for the self-signed certificate.
A self-signed certificate is generated and added to the file /etc/opt/SUNWstnr/rp.keystore on the i-Planet gateway. Your prompt returns.
Stop and restart the reverse proxy server on the i-Planet gateway for the certificate to take effect.
See the procedure "To Stop and Restart the Reverse Proxy Server on the i-Planet Gateway" in Chapter 3, Other Administrative Tasks.
Make a backup copy of the rp.keystore file.