Puremessage on Unix - CA Signed SSL Certificate for End User Interface

Question

Is anyone using a CA Signed Certificate for the End User Interface? The only alternatives mentioned in the documentation are for self-signed certificates. Our Security folks frown on that for end user applications. Thanks, Bob Shafer University of Denver

This thread was automatically locked due to age.

TomA · Accepted Answer

Hi Bob,

You should be able to add the certificate to the apache configuration:

/opt/pmx/etc/manager/httpd2/ssl/http.conf

Within the <VirtualHost *:28443> tags you you can add certificate details like this:

SSLCertificateKeyFile etc/manager/httpd2/private.key

SSLCertificateFile etc/manager/httpd2/mydomain.pem

SSLEngine On

In the above example, you'd need to put the corresponding private and public keys here, and make them readable by the 'pmx' user:

/opt/pmx/etc/manager/httpd2/private.key

/opt/pmx/etc/manager/httpd2/mydomain.pem

Once you are ready restart the service for the changes to take effect: su - pmx -c "pmx-httpd restart "

Hope this helps,

Tom.