Deployment Guide
Table Of Contents
- Dell Security Management Server Installation and Migration Guide v10.2.13
- Introduction
- Requirements and Architecture
- Pre-Installation Configuration
- Install or Upgrade/Migrate
- Post-Installation Configuration
- Administrative Tasks
- Ports
- SQL Server Best Practices
- Certificates
<Device Server install dir>\conf\application.properties. Set the value keystore.password =
<Security Server install dir>\conf\application.properties. Set the value keystore.password =
● Fully Qualified Server Name: Enter the fully qualified name of the server where the component you are working with is
installed. This fully qualified name includes the hostname and the domain name (example, server.domain.com).
● Organizational unit: Enter the appropriate value (example, Security).
● Organization: Enter the appropriate value (example, Dell).
● City or locality: Enter the appropriate value (example, Dallas).
● State or province: Enter the unabbreviated state or province name (example, Texas).
● Two-letter country code.
● The utility prompts for confirmation that the information is correct. If so, type yes.
If not, type no. The Keytool displays each value entered previously. Click Enter to accept the value or change the value and
click Enter.
● Key password for alias: If you do not enter another password here, this password defaults to the Keystore password.
Request a Signed Certificate from a Certificate Authority
Use this procedure to generate a Certificate Signing Request (CSR) for the self-signed certificate created in Generate a New
Key Pair and a Self-Signed Certificate.
1. Substitute the same value used previously for <certificatealias>:
keytool -certreq -sigalg SHA1withRSA -alias <certificate-alias> -keystore .\cacerts -
file <csr-filename>
For example, keytool -certreq -sigalg SHA1withRSA -alias sslkey -keystore .\cacerts -file
Dell.csr
The .csr file contains a BEGIN/END pair to use during the creation of the certificate on the CA.
Example .CSR File
2. Follow your organizational process for acquiring an SSL server certificate from a Certificate Authority. Send the contents of
the <csr-filename> for signing.
NOTE:
There are several methods to request a valid certificate. An example method is shown in Example Method to Request
a Certificate.
3. When the signed certificate is received, store it in a file.
4. As a best practice, back up this certificate in case an error occurs during the import process. This backup prevents having to
start the process over.
88
Certificates