Create SSL certificate
Previous pageGONext page

Purpose

This topic describes the steps to create an SSL certificate for the external virtual host that is associated with the Lucent CM system.

Wildcard certificate

When entering the fully qualified virtual host name of the Lucent CM system it is strongly recommended to enter it in the format *.<CommonDomainOfLCMApplServers>. This will create a “wildcard” certificate and prevents that a user gets security warnings when accessing the Lucent CM servers.

This is needed since the certificate is associated with one application server and the user may connect to different applications server because of the Lucent CM load balancing function. This would generate a security warning since there is a mismatch between the domain name in the certificate and the domain name of the application server.

A wildcard certificate ensures the client's web browser accepts the certificate if it is received from any of the servers with the CommonDomainOfLCMApplServers.

Create SSL certificate

Task StepsPerform the following steps:

1

Login to one of the Lucent CM nodes as “root”.

2

Execute the set certificate script. Enter the command:

sudo -u lps /opt/lps/current/bin/setcert.sh

3

Select y when prompted to generate a key to send to a certification authority.

4

Enter the following information:

  • Fully qualified virtual host name of the Lucent CM (preferably in the *.<CommonDomainOfLCMApplServers> format.

  • Organizational unit

  • Company name

  • City or location

  • State or province

  • 2 digit country code

  • Number of days the certificate is valid

Result:  The values you entered are listed for validation.

5

Enter y to accept the values.

To change a value, enter a number, change the value and enter y.

Result:  A certificate file named tomcat.pem is saved in the /opt/lps/current/tmp directory.

The certificate must be sent to a certification authority for signing.

End of steps

Previous page GO Next page
© Lucent Technologies