The advantage of a certificate-authority-signed certificate is that it verifies to the browser that the system is the system to which the client intended to connect.
Steps
-
Send the certificate signing request, secureadmin.pem, to the certificate authority. This file is found in the /etc/keymgr/cert directory on the storage system.
Note: This process might take a few days.
- Back up the secureadmin.pem file by making a copy.
- When the certificate authority returns the signed certificate, copy the signed certificate into a temporary location on the storage system.
- Install the certificate by entering the following command: secureadmin addcert ssl directory_path
directory_path is the full path to the certificate.
Example
The following command installs a certificate called secureadmin.pem, currently located in the tempdir directory, into the /etc/keymgr directory: secureadmin addcert ssl /etc/tempdir/secureadmin.pem
- Disable SSL by entering the following command:secureadmin disable ssl
- Enable SSL by entering the following command:secureadmin enable ssl