Generating a Self-Signed Certificate

To make an SSL connection more secure, it is recommended that you use a private certificate. By default, PureMessage uses the /opt/pmx6/etc/manager/manager.pem certificate. If you prefer to generate your own self-signed certificate, you can do so using the pmx-cert command.

The following instructions assume that OpenSSL is installed on the system; see http://www.openssl.org/ for more information.

To generate a self-signed certificate:

  1. At the command line, log in as the PureMessage user (by default "pmx6").
  2. Change to the /opt/pmx6/etc/manager/ directory beneath the root PureMessage installation directory.
  3. Generate a pmx-cert.pem file with the following command:
    pmx-cert --dns=<fully qualified domain name of the server>
    --email ="<Administrator's email address>" --ip=<IP address of  the server>
    --url=http://<fully qualified domain name of the server>
  4. On the PureMessage Manager's Local Services: SSL Encryption page, edit the Private Key File text box so that it reads /opt/pmx6/etc/manager/pmx-cert.pem. Then ensure that the Same file as private key option button is selected, and click Save. You are prompted to accept the certificate. Select the option to accept it permanently.
  5. On the Local Services: Manager Status page, click Restart.