Enabling HTTPS for NXLog Manager - using custom certificate
Tags:
NXLog Enterprise Edition
#1
nervevector
Hello!
I’m looking through the steps to “Enabling HTTPS for NXLog Manager” using a CA signed cert. The documentation provided is rather limited (https://docs.nxlog.co/manager/current/installation/https.html)
Any additional information you can share would be appreciated.Thanks!
#1
nervevector
Hello! I’m looking through the steps to “Enabling HTTPS for NXLog Manager” using a CA signed cert. The documentation provided is rather limited (https://docs.nxlog.co/manager/current/installation/https.html)Any additional information you can share would be appreciated.Thanks!
Hi @nervevector,
Custom certificates can be used on Manager version 5.7.5935 (and above), which can be achieved by importing certificates to the keystore. Kindly follow the steps below to achieve this.
- Navigate to the jetty-base directory.
cd /opt/nxlog-manager/bin/jetty-base/etc
- Delete the keystore.p12 file
rm keystore.p12
- Create a new keystore.p12 file with OpenSSL as shown below, where
server.pemandserver.keyare the certificates which are to be imported to the keystore. The password can be used asjetty9.openssl pkcs12 -export -in /path/to/server.pem -inkey /path/to/server.key -out keystore.p12 -name nxlog-manager
- Import the new keystore.p12 into keystore.jks and select the replace option to yes.
keytool -importkeystore -srckeystore keystore.p12 -srcstoretype pkcs12 -destkeystore keystore.jks -deststoretype jks -srcalias nxlog-manager -destalias nxlog-manager...Importing keystore keystore.p12 to keystore.jks...Enter destination keystore password: jetty9Enter source keystore password: jetty9Existing entry alias nxlog-manager exists, overwrite? [no]: yes
That should import the certificates to the keystore.
