Difference between revisions of "HowTo Regenerate The TLS (SSL) Certificate For The NST WUI"
(→Generate a new TLS Certificate for the NST WUI) |
(→Stricter Trusted Certificate Security Requirements) |
||
Line 14: | Line 14: | ||
= Stricter Trusted Certificate Security Requirements = | = Stricter Trusted Certificate Security Requirements = | ||
+ | <div class="centerBlock"><div class="noteMessage">'''Note:''' One may need to generate a new TLS certificate for the NST WUI do to stricter trusted security requirements (E.g., '''[https://support.apple.com/en-us/HT210176 Requirements for trusted certificates]''').</div></div> |
Revision as of 07:27, 22 November 2019
Contents
Overview
This page demonstrates how to regenerate the TLS (Deprecated predecessor: SSL) self-signing certificate for the NST WUI.
nstcert
The process of generating an TLS key and certificate files and then making use of them in a Apache® configuration file can be a time consuming process. The "nstcert" script attempts to automate part of the process by generating template files for use within the Apache® httpd daemon. The script also generates a PEM (Privacy-enhanced Electronic Mail) file.
Generate a new TLS Certificate for the NST WUI
If one needs to generate a new self-signing TLS certificate for NST WUI usage, the following help script: "/usr/libexec/nstwui-ssl-gencerts" may be utilized. It uses the nstcert script described above in combination with the configuration file: "/etc/nst/wui/nstcert.conf". Edit this file to suit your needs.
sudo /usr/libexec/nstwui-ssl-gencerts -r
The "-r" option is necessary to remove the previous TLS certificate.