Generating SSL certificates for CyberTrace Web

CyberTrace Web uses an SSL certificate for HTTPS connections. By default, CyberTrace Web uses a self-signed certificate and a private key that are generated during the installation of CyberTrace. The generated certificate is valid for two years.

We recommend that you generate a certificate that will be trusted in your infrastructure and configure CyberTrace to use this certificate instead of the self-signed certificate.

Before making changes, create a backup copy of the existing private key, certificate, and Feed Service configuration file.

To generate a trusted certificate for CyberTrace Web:

  1. Create a private key and a trusted certificate:
    1. Create a new private and public key pair.
    2. Use the public key to generate an SSL Certificate Signing Request (CSR).
    3. Sign the CSR request by using the trusted CA

      This creates a trusted certificate for the private key.

  2. Convert the private key and the trusted certificate to PEM format.
  3. Copy both the private key and the certificate to the %service_dir%/httpsrv directory.
  4. Edit the GUISettings > HTTPServer > SSLCertificatePath and GUISettings > HTTPServer > SSLPrivateKeyPath elements of the Feed Service configuration file if necessary so that they will contain the paths to the certificate and private key respectively.

    Save the Feed Service configuration file.

  5. Restart Feed Service.

Page top