Versions Compared

Old Version 5

changes.mady.by.user Lonnie VanZandt

Saved on

compared with

New Version 6

changes.mady.by.user Brian Miller

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Linux RHEL/CentOS7 + Windows 2012-R2: step 5: fix chmod command typo (extraneous ":")

...

Code Block
languagebash
themeRDark
sudo cp host.domain.tld_CA-name_ca-chain_priv-key.pfx /etc/ssl/certs/.
sudo chown root:syndeia-cloud /etc/ssl/certs/host.domain.tld_CA-name_ca-chain_priv-key.pfx
sudo chmod ug:+rw /etc/ssl/certs/host.domain.tld_CA-name_ca-chain_priv-key.pfx

...

(info)  If you've updated firewalld too, use: sudo firewall-cmd --reload && systemctl restart sc-web-gateway

...

Windows 2012-R2+

1. Obtain full-chained cert, ie: root/signing CA + intermediate + issued cert (+ private key?) ( (info) Note, you may need to create a CSR via openssl or Java keytool or IIS and submit it to your CA / IT security admin).  

...

5. On the Syndeia Cloud server, launch Cygwin Terminal and copy the PFX (PKCS12) to the system's SSL cert directory & update ownership + permissions, where host.domain.tld = your server's FQDN, ie: syndeia-cloud.company.com:  

Code Block
languagebash
themeRDark
cp host.domain.tld_CA-name_ca-chain_priv-key.pfx /etc/ssl/certs/.
# may want to set ACLs as appropriate on /etc/ssl/certs/host.domain.tld_CA-name_ca-chain_priv-key.pfx
chmod ug:+rw /etc/ssl/certs/host.domain.tld_CA-name_ca-chain_priv-key.pfx

6.  On the Syndeia Cloud server, in the Cygwin Terminal, update the web-gateway service's conf/application.conf file to now include an HTTPS.conf file:

...