AppSense DataNow Essentials SSL Certificate to PKCS#12 File

On its initial release the AppSense DataNow Essentials appliance did not have a way of exporting the SSL certificate. This has been addressed in the GA version of the Enterprise appliance. However, if you are implementing the Enterprise appliance and want to use the same certificate as you had on your Essentials appliance, then you need to get the certificate out in a form that you can upload to the appliance.

I have written a utility that is able to do this given the information from the Essentials appliance. However, and not surprisingly, some people are a little uneasy about uploading their private key to me (it isn’t kept at all – but that doesn’t matter to some).

So, I decided to write this post to detail how to create this certificate manually.

What do you need to do this?

  • OpenSSL
  • AppSense DataNow Essentials Appliance
  • AppSense DataNow Enterprise Appliance

Step 1 – Gather the Information from the Essentials Appliance

  1. Login to the DataNow Essentials appliance Administration page
  2. Navigate to Configuration –> SSL Certificate
  3. Click Display Certificate
  4. Copy text from the textbox in the below screenshot into a text file

DataNow Essentials Text

Step 2 – Split the Text into the Required Files

Now we need to copy out the individual parts to the certificate chain and this includes the private key. The best way to do this is to start at the bottom and work up.

  1. Copy out the private key by selecting the text starting with -----BEGIN PRIVATE KEY----- and ending with -----END PRIVATE KEY-----
  2. Save this file as private.key
  3. Copy out the intermediate certificates, these will start with -----BEGIN CERTIFICATE----- and end with -----END CERTIFICATE-----
  4. Repeat item 3 for all other -----BEGIN CERTIFICATE----- -----END CERTIFICATE----- blocks
  5. Save these files as inter[n].crt where n is the number of the block copied
  6. Rename the inter[n].crt with the highest number to cert.crt

Step 3 – Create the PKCS#12 File

  1. Open a command prompt and navigate to the directory containing the OpenSSL binary
  2. Enter the command openssl pkcs12 -export -out output.pfx -inkey private.key -certfile cert.crt [-in inter[n].crt] (repeat the [-in inter[n].crt] block for as many inter[n].crt files as you have)
  3. Enter and verify a password when prompted

Step 4 – Upload the PKCS#12 File to the Enterprise Appliance

You should be able to upload your generated file to the AppSense DataNow Enterprise appliance.

The upload facility can be found in Configuration –> SSL Certificate

Upload PKCS