Creating Apache SSL CertificatesComplete the following procedure to create (or re-create) Apache SSL certificates for the TRITON - Web Security module of TRITON management server.
These are basic instructions for creating certificates. Changing the password on certificates is not included in these steps. Avoid changing passwords if possible.
1. Using the Windows Services console (Start > Control Panel > Administrative Tools > Services), stop the following services:
2. Edit <Installation folder>\Web Security\apache\conf\ssl\openssl.txt if necessary.If you have changed the IP address of this machine, edit the IP address in the openssl.txt file to match.
You can create a batch file to automate the tasks in Step 3-Step 8. See Using a batch file for Apache SSL certificate file operations. If you choose to create a batch file, execute it and then skip to Step 8.
3. In <Installation folder>\Web Security\apache\conf\ssl\automation\ run the following scripts in the following order:
4. Copy:
<Installation folder>\Web Security\apache\conf\ssl\output\server.key to
<Installation folder>\Web Security\apache\conf\ssl\ssl.key\server.key
5. Copy:
<Installation folder>\Web Security\apache\conf\ssl\output\server.crt to <Installation folder>\Web Security\apache\conf\ssl\ssl.crt\server.crt
6. Copy:
<Installation folder>\Web Security\apache\conf\ssl\output\cakey.pem to <Installation folderr>\Web Security\apache\conf\ssl\private\cakey.pem
7. Copy:
<Installation folder>\Web Security\apache\conf\ssl\output\manager.p12 to <Installation folder>\Web Security\tomcat\conf\keystore\tomcat
\manager.p12
When creating Apache SSL certificates, there are several batch files to execute and files to copy. You can automate the process by creating and running a batch file.set HOME=<Installation folder>\Web Securitycopy "%HOME%\apache\conf\ssl\output\server.key" "%HOME%\apache\conf\ssl\ssl.key\server.key"copy "%HOME%\apache\conf\ssl\output\server.crt" "%HOME%\apache\conf\ssl\ssl.crt\server.cr"copy "%HOME%\apache\conf\ssl\output\cakey.pem" "%HOME%\apache\conf\ssl\private\cakey.pem"copy "%HOME%\apache\conf\ssl\output\manager.p12" "%HOME%\tomcat\conf\keystore\tomcat\manager.p12"