Technical Library | Support

Go to the table of contents Go to the previous page You are at the end of the document View or print as PDF
Changing the TRITON management server IP address or name : Creating Apache SSL Certificates
Creating Apache SSL Certificates
Topic 51313 | Web, Data, and Email Solutions | v8.2.x | Updated 18-Apr-2016
Perform the following steps on the TRITON management server to create (or re-create) Apache SSL certificates for the web protection management components.
Note that these are basic instructions for creating certificates. Changing the password on certificates is not included in these steps. Avoid changing passwords if possible.
1.
Use the Windows Services tool to stop the following services:
*
Websense TRITON - Web Security
*
Websense Web Reporting Tools
2.
Review the Websense\Web Security\apache\conf\ssl\openssl.txt file to verify that it contains correct information.
If you have changed the IP address of this machine, for example, edit the IP address in the openssl.txt file to match.
 
* 
Note 
You can create a batch file to automate the tasks in Step 3-Step 8. See Using a batch file for Apache SSL certificate file operations. If you choose to create a batch file, execute it and then skip to Step 8.
3.
Go to the Websense\Web Security\apache\conf\ssl\automation\ directory and run the following scripts in the order shown:
a.
s1_newreq.bat
b.
s2_server_key.bat
c.
s3_server_crt.bat
d.
s4_server_p12.bat
4.
Copy the Websense\Web Security\apache\conf\ssl\output\server.key file to:
Websense\Web Security\apache\conf\ssl\ssl.key\server.key
5.
Copy the Websense\Web Security\apache\conf\ssl\output\server.crt file to:
Websense\Web Security\apache\conf\ssl\ssl.crt\server.crt
6.
Copy the Websense\Web Security\apache\conf\ssl\output\cakey.pem file to:
Websense\Web Security\apache\conf\ssl\private\cakey.pem
7.
Copy the \Web Security\apache\conf\ssl\output\manager.p12 file to:
Websense\Web Security\tomcat\conf\keystore\tomcat\manager.p12
8.
Use the Windows Services tool to start the following services:
*
Websense TRITON - Web Security
*
Websense Web Reporting Tools
 
* 
Note 
For more information about Apache SSL go to http://www.apache-ssl.org/#FAQ.
Using a batch file for Apache SSL certificate file operations
When creating Apache SSL certificates, there are several batch files to execute and files to copy. You can automate the process by creating and running a batch file.
The following is an example batch file you can use to create your own:
@echo off
set HOME=<installation_path>\Web Security
set WORKING_DIR=%HOME%\apache\conf\ssl\automation
call "%WORKING_DIR%\s1_newreq.bat"
call "%WORKING_DIR%\s2_server_key.bat"
call "%WORKING_DIR%\s3_server_crt.bat"
call "%WORKING_DIR%\s4_server_p12.bat"
 
@echo on
copy "%HOME%\apache\conf\ssl\output\server.key" "%HOME%\apache\conf\ssl\ssl.key\server.key"
copy "%HOME%\apache\conf\ssl\output\server.crt" "%HOME%\apache\conf\ssl\ssl.crt\server.cr"
copy "%HOME%\apache\conf\ssl\output\cakey.pem" "%HOME%\apache\conf\ssl\private\cakey.pem"
copy "%HOME%\apache\conf\ssl\output\manager.p12" "%HOME%\tomcat\conf\keystore\tomcat\manager.p12"
 

Go to the table of contents Go to the previous page You are at the end of the document View or print as PDF
Changing the TRITON management server IP address or name : Creating Apache SSL Certificates
Copyright 2016 Forcepoint LLC. All rights reserved.