Configuring Custom SSL Certificates

Note. Custom certificates can only be added through a CLI.

DPX supports the use of custom SSL certificates to secure the HTTPS connection to the DPX Master Server's web interface. This feature allows administrators to replace the default, auto-generated certificate with their own, enhancing security and meeting specific organizational requirements.

By implementing a custom SSL certificate, you can:

Ensure secure communication between users and the DPX Web UI
Comply with your organization's security policies
Eliminate browser warnings about untrusted certificates

Prerequisites

A valid SSL certificate and its corresponding private key
Access to the DPX Master Server's CLI
Permissions to modify system files and restart services

Adding a Custom SSL Certificate

Create KeyStore File: Generate a keystore.jks file containing your SSL certificate and private key.

Attention! The KeyStore password and the private key password must be identical.

Replace Existing KeyStore:

cd /catalogic/services/opt-apigateway

Copy your keystore.jks to this directory, overwriting the existing file.

Update Configuration: Edit the certs.env file in the /catalogic/services directory, modifying the following values:

DEST_KEY_STORE_SSL_PASSWORD: Set to your KeyStore password
DEST_KEY_STORE_SSL_NAME: Set to the alias of your certificate in the KeyStore

Note. Ensure you have the necessary permissions to execute these commands.

Attention! Ensure that the passwords in the certs.env file match your KeyStore and private key passwords.

Apply Changes: Reboot your machine or restart DPX services using the following command:

sudo systemctl restart dpx-swarm.service

Troubleshooting

If you encounter issues after implementing your custom certificate:

Verify that the KeyStore file is in the correct location and has the proper permissions
Check the DPX server logs for any SSL-related errors

PreviousConfiguring Enterprise Information NextConnect to DPX Window

Last updated 9 months ago