Configuration menu Upload server certificate
Digi CM User Guide 166
Upload server certificate
To upload your own certificate, you can use one of following two methods,
1 Use Upload Server Certificate menu.
Note that this menu is displayed only when you run configmenu on the serial console of the Digi
CM unit. (configmenu run on CLI via Telnet or SHI will not display this menu)
2 Copy your own server.pem file to /tmp/cnf/ using scp.
Note Do not forget to run saveconf command in CLI if you want to keep this change permanently.
You can use your own certificate for your Digi CM unit after replacing the original server.pem on /
tmp/cnf/ with your server.pem. The following procedure is to import an SSL certificate for the
HTTPS interface.
OpenSSL(SSLeay) Simple CA Usage - Install Openssl
1 Download latest openssl package
2 Install openssl package
# cd /work/
# tar -xvzf openssl-0.9.7c.tar.gz
# cd openssl-0.9.7c
# ./config
# make
# make test
# make install
Make Root CA (Certificate Authority for self-signed)
1 Edit openssl configuration file
# vi /usr/share/ssl/openssl.cnf
Note Modify [req_distinguished_name] section of "openssl.cnf" Please refer to sample
openssl.conf file(openssl.conf.digi). Modify [req_attributes] section of "openssl.cnf"
challengePassword_min =0
challengePassword_max =0
2 Make self-signed Root CA(Certificate Authority)
# cd /work/openssl-0.9.7c/
# mkdir CA
# cd CA
# sh /usr/local/ssl/misc/CA.sh -newca
CA certificate filename (or enter to create)
; (Press Enter to use default value)
Making CA certificate ...
; openssl is called here as follow from CA.sh
; openssl req -new -x509 -keyout ./demoCA/private/./cakey.pem \
; -out ./demoCA/./cacert.pem -days 365
To Next Page
Loading...
Need help?
General
