Skip to content

Generating a Self Signed SSL Certificate for the UI

Jump to bottom Edit New page
Stu Arnett edited this page Aug 21, 2024 · 5 revisions

3.1+
Note: Applies only to service installations with the UI

To use the UI over https, you must have an SSL certificate installed on the VM. If you followed the Service Installation, the default self-signed SSL certificate generated by Apache only lasts a year. In any case, you may have to generate a new self-signed certificate. If so, you can follow these instructions:

  1. Generate a new certificate and private key:
    • sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/pki/tls/private/localhost.key -out /etc/pki/tls/certs/localhost.crt
  2. Answer the questions appropriately
    • You can use the VM's hostname, IP, or localhost as the CN (Common Name)
    • Leave the email address blank
  3. If you are not using the service installation, or the default Apache SSL configuration on CentOS, you may need to move/rename the .key and .crt files and/or tweak the Apache conf file
    • See this guide, or appropriate documentation for your release of Apache
  4. Restart Apache:
    1. sudo systemctl restart httpd
Add a custom footer

Overview

Migrating Data

The UI

Clone this wiki locally