cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1301
Views
0
Helpful
4
Replies

PCP 11.0: How to create a certificate signing request

Hi,

 

i want to install an signed certificate from our internal CA. How can i create a CSR from PCP so i am able to request a certificate from my CA?

 

Kind Regards,

 

Robert

1 Accepted Solution

Accepted Solutions

Anthony Gerbic
Cisco Employee
Cisco Employee

Robert,

This is what I understand to be the process:

1. Generate private key

    To generate the server private key:

    /opt/cupm/httpd/bin/openssl genrsa -des3 -out server.key 2048

2. To generate the csr:

    /opt/cupm/httpd/bin/openssl req -new -key server.key -out server.csr

3. Give this csr to generate the certificate - -this will be .crt file.


4. Then follow these steps after you have followed the third party CA Procedure

Upload the third party cert
      A. If using a PCP 10.6 or later revision, use the Administration/Updates UI to load the cert.
      B. If using an older PCP revision do the following:
            - Copy the third party certificate and key file to /opt/cupm/httpd folder.
            - Edit the following line in ssl.conf file using vi (located in /opt/cupm/httpd/conf) as follows:

                 SSLCertificateFile /opt/cupm/httpd/<your_own_cert_file>.crt
                          
                 SSLCertificateKeyFile /opt/cupm/httpd/<your_own_key_file>.key
 
            - Save the changes and close the file.

5. Restart the Apache server by using the following commands:

        /opt/cupm/httpd/bin#./apachectl -k stop

        /opt/cupm/httpd/bin# ./apachectl -k start -DSSL

 

vi commands:

  •       navigate up/down with arrows
  •       <i> to get in edit mode
  •       type and paste in text
  •       use <del> to backspace and remove any text
  •       <ESC> to exit edit mode
  •       :wq to save and exit vi

 

Regards

View solution in original post

4 Replies 4

Jaime Valencia
Cisco Employee
Cisco Employee

It should be the same process as for 10.5, if not, simply look for this guide on 11.x

http://www.cisco.com/c/en/us/td/docs/net_mgmt/prime/collaboration/10-5/assurance/addendum/Cisco_Prime_Collaboration_10_5_Assurance_Addendum_for_User_Guides.pdf

HTH

java

if this helps, please rate

I tried this on our 11.0 PCP, but no luck.  The guide is talking about Assurance.  This is the Provisioning Manager we're looking at.

Thanks,

Anthony Gerbic
Cisco Employee
Cisco Employee

Robert,

This is what I understand to be the process:

1. Generate private key

    To generate the server private key:

    /opt/cupm/httpd/bin/openssl genrsa -des3 -out server.key 2048

2. To generate the csr:

    /opt/cupm/httpd/bin/openssl req -new -key server.key -out server.csr

3. Give this csr to generate the certificate - -this will be .crt file.


4. Then follow these steps after you have followed the third party CA Procedure

Upload the third party cert
      A. If using a PCP 10.6 or later revision, use the Administration/Updates UI to load the cert.
      B. If using an older PCP revision do the following:
            - Copy the third party certificate and key file to /opt/cupm/httpd folder.
            - Edit the following line in ssl.conf file using vi (located in /opt/cupm/httpd/conf) as follows:

                 SSLCertificateFile /opt/cupm/httpd/<your_own_cert_file>.crt
                          
                 SSLCertificateKeyFile /opt/cupm/httpd/<your_own_key_file>.key
 
            - Save the changes and close the file.

5. Restart the Apache server by using the following commands:

        /opt/cupm/httpd/bin#./apachectl -k stop

        /opt/cupm/httpd/bin# ./apachectl -k start -DSSL

 

vi commands:

  •       navigate up/down with arrows
  •       <i> to get in edit mode
  •       type and paste in text
  •       use <del> to backspace and remove any text
  •       <ESC> to exit edit mode
  •       :wq to save and exit vi

 

Regards

Hi Anthony,

 

thanks for your tip. Altough i am using version 11.0 bullet point 4.A did not work for me. I had to do it as bullet point 4.B describes it.

 

Thanks for your help.

 

Kind Regards,

 

Robert