Certificates are digitally signed statements that verify the authenticity of a server for security purposes. By default, ZENworks 7.3 Linux Management uses self-signed certificate Web services to authenticate a server. You can also import your own Secure Sockets Layer (SSL) certificate into the server.
Use the zlm-config --tomcat-certificate command to generate or import the SSL certificate. The command lists the following menu options:
Use this option to generate a new SSL certificate and a Certificate Signing Request (CSR) for it. Provide the required details, such as the name of the organization, the state, and the first two letters of the country name to generate the certificate. The hostname of the server for which the certificate is generated is CN.
A new certificate is created with the specified details and the CSR is stored in the specified path.
Use this option to generate the Certificate Signing Request (CSR) from the existing Tomcat certificate. You must specify the absolute file path to store the CSR. The default path is /tmp/zlm-cert.csr. You must use this CSR to get the certificate signed by a trusted Certificate Authority. For more information, see Section A.7.3, Import the Signed Certificate into the Keystore
After you use the CSR to have your certificate signed, use this option to import the certificate into the keystore. You must specify the absolute file path to store the certificate.
Use this option to import a third-party signed certificate into the Tomcat certificate store. If your certificate is not a PKCS12 certificate, you must first convert the certificate into PKCS12 format, and then use this option to import it. For more information on converting the certificate to PKCS12 format, see Section A.8, Converting a Signed Certificate into PKCS12 Format.
Use this option to import the CA certificates into the keystore. You must import the chain of CAs to successfully add the CA certificate in to the certificate store.
Use this option to exit the menu options.