Go to the table of contents Go to the previous page Go to the next page
Websense Web Security SSL Certificates : Generating self-signed SSL certificates

2.
Generate a Certificate Signing Request (CSR) with the private key. IMPORTANT When prompted for the CommonName, enter the IP address of the Filtering Server machine. If you skip this step, client browsers will display a security certificate error.
4.
(For TRITON - Web Security) Use the CSR to create a key store file (manager.p12).
If you prefer to create the certificate without using the script files, you can still use OpenSSL. Clear instructions for using the OpenSSL toolkit to generate a certificate are available from www.akadia.com/services/ssh_test_certificate.html.
When TRITON - Web Security is installed, an OpenSSL toolkit is installed automatically, including a series of script files that can be used to simplify the certificate generation process.
1.
On the TRITON - Web Security machine, navigate to the apache/conf/ssl directory (C:\Program Files\Websense\apache\conf\ssl or /opt/Websense/apache/conf/ssl/, by default).
2.
Open the openssl.txt file in a text editor.
3.
Edit the file as appropriate to change the input information used to generate the certificate and key. The file contains the following information:
For example, SanDiego.
For example, MyCompany
<server IP address or name>
The IP address or hostname of the machine where TRITON - Web Security or, for secure manual authentication, Filtering Service, is running.
For example, info@mycompany.com.
<challenge password>
US
MA
Boston
MyCompany'sCN
MyCompany'sO
MyCompany'sOU
MachineHostName_IPAddress_or_Alias
info@mycompany.com
pw_generation_string
Important 
5.
Navigate to the Websense/apache/conf/ssl/automation/ directory.
6.
If you are generating certificates for use with TRITON, run each of the script files in the directory in order. If you are generating certificates to enable secure manual authentication, run the s1 through s3 scripts in order (you do not need to generate the files created by the remaining scripts).
7.
Navigate to the Websense/apache/conf/ssl/output/ directory.
*
If you are using the files for TRITON - Web Security, the directories are:
*
If you are using the files to enable secure manual authentication, copy the server.crt and server.key files to the Websense bin directory on the Filtering Service machine (/opt/Websense/bin/ or C:\Program Files\Websense\bin, by default).
*
If you generated a certificate for use with TRITON - Web Security restart the Apache and Tomcat services or daemons.
*
Windows: Use the Windows Services dialog box to restart the Apache2Websense and ApacheTomcatWebsense services.
*
Linux: Use the /opt/Websense/WebsenseDaemonControl script to restart TRITON - web.



Go to the table of contents Go to the previous page Go to the next page
Websense Web Security SSL Certificates : Generating self-signed SSL certificates