Create SSL certificate for Lucent Presence Solution
Previous pageGONext page

Purpose

This topic describes the steps to create an SSL certificate to authenticate the Lucent CM application server with the Lucent Presence Solution.

SSL certification process

When the SSL certificate is created, it must be signed by a certification authority and the signed certificate must be imported. Optionally a root certificate from the certification authority must be imported.

Wildcard certificate

When entering the fully qualified virtual host name of the Lucent CM system it is strongly recommended to enter it in the format *.<CommonDomainOfLCMApplServers>. This will create a “wildcard” certificate and prevents that the Lucent Presence Solution server gets security warnings when accessing the Lucent CM servers.

This is needed since the certificate is associated with one application server and the Lucent Presence Solution servers may get requests from different applications servers. This would generate a security warning since there is a mismatch between the domain name in the certificate and the domain name of the application server.

A wildcard certificate ensures the Lucent Presence Solution server accepts the certificate if it is received from any of the application servers with the CommonDomainOfLCMApplServers.

Create SSL certificate

Task StepsPerform the following steps to create a SSL certificate:

1

Login to one of the Lucent CM nodes as “root”.

2

Execute the set certificate script. Type the following command and press ENTER:

sudo -u lps /opt/lps/current/bin/setcert.sh -client ps_contact

3

Select y when prompted to generate a key to send to a certification authority.

4

Enter the following information:

  • Common name to use for the key

    The preferred value is LCMServer.

    The value must be same as used on the Lucent Presence Solution server.

  • Organizational unit

  • Company name

  • City or location

  • State or province

  • 2 digit country code

  • Number of days the certificate is valid

Result:  The values you entered are listed for validation.

5

Enter y to accept the values.

To change a value, enter a number, change the value and enter y.

Result:  A certificate file named tomcat.pem is saved in the /opt/lps/current/tmp directory.

The certificate must be sent to a certification authority for signing.

End of steps

Previous page GO Next page
© Lucent Technologies