1. How to Use my Own Trusted Certificate in WebADM
During installation, WebADM generates its own certificate authority certificate and server SSL certificates. Yet, you can use your own SSL certificates instead of the pre-generated ones. Using a trusted certificate may be required when you use the RCDevs OpenID IDP, and to avoid user browser warnings when accessing the WebApps.
Just create the SSL certificate and key files in
/opt/webadm/pki/custom.key. WebADM will continue using its own CA certificate for issuing and validating user certificates (for PKI-based logins) and SOAPd services but will use your trusted certificate for the SSL on the HTTPd.
The certificate and key files must be in PEM format. If an intermediate certificate chain is required, then just concatenate your certificate file with the chained certificates in the same file.
Please set the file permission of
444 because it must be readable by WebADM.
[root@rcvm8 ~]# chmod 400 /opt/webadm/pki/custom.key [root@rcvm8 ~]# chmod 444 /opt/webadm/pki/custom.crt [root@rcvm8 ~]# ls -lha /opt/webadm/pki/ total 20K drwxr-xr-x. 4 root root 136 Oct 11 11:11 . drwxr-xr-x. 12 root root 245 Oct 8 15:23 .. -rw-r--r--. 1 root root 0 Oct 8 16:56 .master drwx------. 2 root root 48 Oct 8 16:56 ca -r--r--r--. 1 root root 1.1K Oct 11 11:11 custom.crt -r--------. 1 root root 1.7K Oct 11 11:11 custom.key drwxr-xr-x. 2 root root 54 Oct 8 16:56 trusted -rw-r--r--. 1 root root 1.1K Oct 8 16:56 webadm.crt -rw-r--r--. 1 root root 936 Oct 8 16:56 webadm.csr -rw-------. 1 root root 1.7K Oct 8 16:56 webadm.key
2. How to Use my Own Trusted Certificate in WebADM Publishing Proxy
The process is the same for WebADM Publishing Proxy (waproxy). Place the trusted SSL certificate and key files in
For WAProxy version 1.1.5 and older, you must instead replace the SSL certificate and key files in
/opt/waproxy/conf/waproxy.key with your trusted certificate and key files.