Generating a Self-Signed Certificate for the End User Web Interface
To make an SSL connection more secure, it is recommended that you generate your own self-signed certificate. The following instructions assume that OpenSSL is installed on the system; see http://www.openssl.org/ for more information.
To generate a self-signed certificate:
- At the command line, log in as the PureMessage user (by default "pmx6").
- Change to the /opt/pmx6/etc/manager/httpd2/ directory beneath the root PureMessage installation directory.
Back up pmx-cert.cert and
pmx-cert.pem by running the following commands:
mv pmx-cert.cert backup-pmx-cert.cert mv pmx-cert.pem backup-pmx-cert.pem
Generate a new pmx-cert.pem file with the following
pmx-cert --dns=<fully qualified domain name of the EUWI server> --email ="<Administrator's email address>" --ip=<IP address of the EUWI server> --url=http://<fully qualified domain name of the EUWI server>
Ensure that the
SSLCertificateFileoption in the /opt/pmx6/etc/manager/httpd2/ssl.conf file is set to /opt/pmx6/etc/manager/httpd2/pmx-cert.pem
Restart the HTTP (RPC/UI) service with:
pmx-httpd stop; httpd