User guide

ManualsBrandsDell ManualsComputer HardwareBroadcom NetXtreme Family of Adapters

111

112

113

114

115

116

117

118

119

120

User Guide NetXtreme II

September 2013

Broadcom Corporation

Document INGSRVT78-CDUM100-R Detailed Procedures Page 117

Signature ok

subject=/C=US/ST=California/L=Irvine/O=Broadcom Corporation/OU=Engineering/CN=MGMTAPP-

LAB3/emailAddress=

Getting Private key

6. Enter the following command to verify the generated self-signed certificate.

openssl verify server.crt

The following output displays:

server.crt:/C=US/ST=California/L=Irvine/O=Broadcom Corporation/OU=Engineering/

CN=MGMTAPP- LAB3/emailAddress=

error 18 at 0 depth lookup:self signed certificate

Ignore the error message “error 18 at 0 depth lookup:self signed certificate”. This error indicates that this is a self-signed

certificate.

7. Convert the certificate from "crt" to "pkcs12" format, as follows:

For a Windows server, the certificate should be in pkcs12 format. Enter the following command:

openssl pkcs12 -export -in server.crt -inkey server.key -out hostname.pfx

You will be prompted for the following:

Enter Export Password:

Verifying - Enter Export Password:

Enter the password and be sure to remember it. The password is required when importing the certificate on the Windows

server and client.

8. Make a copy of the certificate file server.crt and place it on the server where BACS will be installed, so that it can be

imported. If you plan to use a Windows or Linux client to connect to the server running BACS, then the certificate also

needs to be transferred (copied and pasted) to the client system.

In Linux, the certificate should have the extension “.pem”. The extension “.crt” and “.pem” are the same, so there is no

need to use the openssl command to convert from .crt to .pem. You can simply copy the file as-is.

NOTE: A separate certificate must be generated for an IPv4 address, IPv6 address, and Hostname.

Install the Self-Signed Certificate on Windows Server

Transfer the file

hostname

.pfx you generated on the Windows server before you install the certificate:

1. Click Start (or press the Windows logo key) and select Run.

2. Enter MMC and click OK.

3. Click File > Add/Remove Snap-in.

4. Click Add.

5. Select Certificates and click Add.

6. Select Computer account.

7. Click Next and then click Finish.

8. Click Close, then click OK.

9. Open the Certificates (Local Computer) folder and then open the Personal folder.

10. Right-click Certificates, select All Tasks and then click Import.

11. Click Next to begin the Certificate Import Wizard.