HowTo Regenerate The TLS (SSL) Certificate For The NST WUI

From NST Wiki
Jump to navigationJump to search

Overview

This page demonstrates how to regenerate the SSL self-signing certificate for the NST WUI.

nstcert

The process of generating an SSL key and certificate files and then making use of them in a Apache® configuration file can be a time consuming process. The "nstcert" script attempts to automate part of the process by generating template files for use within the Apache® httpd daemon. The script also generates a PEM (Privacy-enhanced Electronic Mail) file.

Generate a new TLS Certificate for the NST WUI

If one needs to generate a new self-signing SSL certificate for NST WUI usage, the following help script: "/usr/libexec/nstwui-ssl-gencerts" may be utilized. It uses the nstcert script described above in combination with the configuration file: "/etc/nst/wui/nstcert.conf". Edit this file to suit your needs.

sudo /usr/libexec/nstwui-ssl-gencerts -r

The "-r" option is necessary to remove the previous SSL certificate.

Stricter Trusted Certificate Security Requirements