The process described in this page will let an administrator replace the default DPOD's web console certificate with one signed by the organization.
...
- Log in to DPOD's appliance.
Copy the new certificate and key file either to the current certificate directory on the DPOD appliance or to any other directory of your choice.
The current certificate directory is:
TODO: key file password encryoption. HK? do we have the java program to extract the password from the system parameters?Code Block language bash theme RDark /etc/httpd/conf/certs
Open the web server configuration file for editing:
Code Block language bash theme RDark vi /etc/httpd/conf/httpd.conf
Update the SSL Certificate lines:
Code Block language bash theme RDark SSLCertificateFile "the new certificate file path" SSLCertificateKeyFile "the new key file path"
SSLCertificateKeyFile needs to point to a key of a "PEM" format.
SSLCertificateFile needs to point to a certificate of a "DER" format.
Note The certificate / key can not be stored in a keystore ( JKS, PKCS )
Restart the web server
Code Block language bash theme RDark service httpd restart