Call Us Now!

SANnav: Installing CA signed SSL certificate

SANnav SSL Certificate

SANnav Management Portal utilizes by default a self-signed certificate, which in most cases is considered as vulnerability. Therefore, it is highly recommended to replace it by a CA signed certificate. The SSL/TLS certificate ensures that the connection between clients and the server is secure.

The replacement is done in 2 steps. First, we will create a Certificate Signing Request, which will be signed by our Certificate Authority. Then the signed certificate will be imported to the SANnav. In addition, you will also need the root and the intermediate certificates to be imported.

Make sure to read the SANNav Management Portal guide for detailed information.

Creating SANnav Certificate Signing Request

  1. Log in to your SANnav server (RedHat/CentOS)
  2. Additionally, create a new directory under /root/, you can call it /root/certificates/ 
    cd /root
mkdir certificates
cd /root/certificates
  3. To start, we will create the certificate signing request (.csr) 
    openssl req -newkey rsa:2048 -nodes -keyout sannav.key -out sannav.csr
  4. Enter the certificate information regarding to your host and the company information
  5. Let your SANnav (sannav.csr) be signed by your Certificate Authority

At this point you would have received the signed certificate, together with the accompanying root and intermediate certificate.

Replacing the self-signed certificate

  1. Copy your signed certificate, together with the company’s root and the intermediate certificate to /root/certificates/
  2. First, we will need to merge the root and the intermediate certificate into one file. Use the following command: 
    cat intermediate_certificate.crt root_certificate.crt > bundleCertificate.pem
  3. Launch the script replace-server-cert.sh found under /<sannav-installation-directory>/bin/
  4. Complete the certificate file paths as requested by the wizard:
    – Enter the path for the ssl certificate including file name: /root/certificates/sannav.cer
    – Enter the path for the ssl key including file name: /root/certificates/sannav.key
    – If you have root and intermediate CA certificates, please chain them into a single certificate file and provide the path to the file. Press enter to skip this step. /root/certificates/bundleCertificate.pem
  5. Run the script restart-server.sh found under /<sannav-installation-directory>/bin/ to restart SANnav
  6. Restart your browser and you’re SANnav Management Portal will show a valid certificate.

Read here related articles about SANnav Management Portal
Preparing RHEL / CentOS Server for SANnav
Installing SANnav Management Portal 2.0

Any suggestion or question? Leave a reply below, or feel free to contact us.
Make sure to subscribe to our mailinglist to get the latest. No spam. Promised!

Share Article on:

Facebook
Twitter
LinkedIn

One Response

  1. Pingback: Installing SANnav Management Portal 2.0 - STORCOM Belgium

Leave a Reply

Your email address will not be published. Required fields are marked *

Recent Posts
Categories

Drop us a message or give us a call and we’ll get back to you as soon as we can.

Contact Us Today

STORCOM BV is a registered company operating under the Belgian law. Our main activity is IT Consultancy.

Registered Office: Apollostraat 175, 2600 Antwerp [BE]
VAT: BE 0721.881.423 | Bank: BE50 7340 6436 0418
Tel: +32 (0) 486 71 21 41 | Email: contact@storcom.com

Useful Links

Blogs

Copyright @ STORCOM BV 2023