Install VIOS SSL Certificate on Integrated Virtualization Manager

Tags
aix, certificate, install, ssl, vios

 
Thread Tools Search this Thread
# 1  
Old 12-10-2018
Install VIOS SSL Certificate on Integrated Virtualization Manager

Anyone have any procedures or tutorials on how to change the self-signed certificate on the IBM AIX VIOS Intergrated Virtulization Manager web site?

I've googled till my fingers broke and most links take me to generic replacements for IBM products that I don't have.

Any help is appreciated. Thanks!
# 2  
Old 12-11-2018
See IBM Ref, for a related hint:
IBM Knowledge Center - To replace the default certificate with a new self-signed certificat

Quote:
To replace the default certificate with a new self-signed certificate, complete the following tasks:
Click New Self-Signed.
On the Create New Self-Signed Certificate page, enter a unique value in the Key Label field.
Provide values for the other fields, and click OK.
The list of Personal Certificates contains your new self-signed certificate and the certificate with the default label.

Select the certificate with the default label and click Rename.
Enter a new label for the certificate, and click OK.
Select the new certificate and click Rename.
Enter default as the new label, and click OK.
To replace the default certificate with a new certificate that is signed by an external certificate authority, complete the following tasks:
In the iKeyman utility, select Create > New Certificate Request.
Enter a unique value in the Key Label field and provide values for the other fields.
Pay special attention to the value you provide in the Enter the name of a file in which to store the certificate request field and click OK.
A message is displayed that informs you where the file that contains your new certificate request is located. The message tells you to send that new certificate request file to your external certificate authority.

On the Message page, click OK.
The external certificate authority signs your new certificate request and sends back your new certificate. The external certificate authority might send their signer certificate or the external certificate authority might assume that you already have their signer certificate in the key database file.

If the external certificate authority sends their signer certificate, complete the following tasks:
Select Signer Certificates and click Add.
Provide the File Name and Location values of the file that contains the Signer Certificate and click OK.
If the external certificate authority assumes that you already have their signer certificate in the key database file, complete the following tasks:
Select Signer Certificates and click Populate.
Search the lists of CA Certificates, select the one(s) for the external certificate authority that signed your new certificate request, and click OK.
If the lists of CA Certificates do not contain the one(s) for the external certificate authority that signed your new certificate request, ask your external certificate authority to send their signer certificate.

Once you have the signer certificate for the external certificate authority that signed your new certificate request, complete the following tasks:
Select Personal Certificates and click Receive.
Provide the File Name and Location values of the file that contains your new certificate and click OK.
Select the certificate with the default label and click Rename.
Enter a new label for the certificate and click OK.
Select your new certificate and click Rename.
Enter default as the new label and click OK.
In the iKeyman utility, click Key Database File > Exit.
Stop and start the Device, Alert, or Web server.
See also:

IBM Knowledge Center - Configuring a self-signed certificate
# 3  
Old 12-11-2018
None of those links is what I have. I do not have "IBM Spectrum Control" available to me. I have a P8 with AIX installed with three LPARS the vios has a website that controls the LPAR's. It has a self signed cert. We need to put our own certificate on this.


The second link shows using '/opt/ibm/ccm/create_security_artifacts.sh' but that file is not found anywhere on my VIOS.


I think the keystore is here (not 100% sure): /usr/ios/lpm/gui/httpd/security/keystore/ibmjsse2.jks and .jts

|
Thread Tools Search this Thread
Search this Thread:
Advanced Search

More UNIX and Linux Forum Topics You Might Find Helpful
CronJobs issues after SSL certificate AGDesign Web Programming 0 06-28-2015 06:11 PM
SSL Certificate Stores Lost in Cyberia Security 4 06-12-2014 05:00 PM
SSL certificate generation error 8016 leo_ultra_leo Red Hat 4 09-17-2013 11:58 PM
WebLogic SSL enabling ignoring CA certificate szs Web Programming 1 05-17-2013 03:42 PM
SSL Certificate Renewal on Tomcat arumon Red Hat 1 01-16-2013 12:05 PM
setting netbeans to ignore from expired ssl certificate programAngel Programming 0 03-17-2012 12:36 PM
IBM Integrated Virtualization Manager wjace AIX 1 05-12-2011 08:01 AM
export SSL certificate lhareigh890 Web Programming 1 04-08-2011 01:09 PM
SSL certificate majid.merkava Security 1 01-07-2011 08:31 PM
Installing SSL certificate on AIX tibo51 AIX 4 10-23-2009 12:57 PM
SSL certificate netxus Web Programming 1 10-07-2009 12:57 AM
SSL Certificate Installation problem Trusevich Web Programming 2 03-23-2009 03:10 PM
Installing an SSL certificate in Blue Quartz mcraul UNIX for Advanced & Expert Users 1 02-05-2009 01:35 PM
Pearl script to automate SSL certificate import m_kk UNIX for Advanced & Expert Users 4 02-12-2008 04:24 PM