Generating a Self-Signed Certificate
To make an SSL connection more secure, it is recommended that you use a private certificate. By default, PureMessage uses the /opt/pmx6/etc/manager/manager.pem certificate. If you prefer to generate your own self-signed certificate, you can do so using the pmx-cert command.
The following instructions assume that OpenSSL is installed on the system; see http://www.openssl.org/ for more information.
To generate a self-signed certificate:
- At the command line, log in as the PureMessage user (by default "pmx6").
- Change to the /opt/pmx6/etc/manager/ directory beneath the root PureMessage installation directory.
Generate a pmx-cert.pem file with the following command:
pmx-cert --dns=<fully qualified domain name of the server> --email ="<Administrator's email address>" --ip=<IP address of the server> --url=http://<fully qualified domain name of the server>
- On the PureMessage Manager's Local Services: SSL Encryption page, edit the Private Key File text box so that it reads /opt/pmx6/etc/manager/pmx-cert.pem. Then ensure that the Same file as private key option button is selected, and click Save. You are prompted to accept the certificate. Select the option to accept it permanently.
- On the Local Services: Manager Status page, click Restart.