On its initial release the AppSense DataNow Essentials appliance did not have a way of exporting the SSL certificate. This has been addressed in the GA version of the Enterprise appliance. However, if you are implementing the Enterprise appliance and want to use the same certificate as you had on your Essentials appliance, then you need to get the certificate out in a form that you can upload to the appliance.
I have written a utility that is able to do this given the information from the Essentials appliance. However, and not surprisingly, some people are a little uneasy about uploading their private key to me (it isn’t kept at all – but that doesn’t matter to some).
So, I decided to write this post to detail how to create this certificate manually.
What do you need to do this?
- AppSense DataNow Essentials Appliance
- AppSense DataNow Enterprise Appliance
Step 1 – Gather the Information from the Essentials Appliance
- Login to the DataNow Essentials appliance Administration page
- Navigate to Configuration –> SSL Certificate
- Click Display Certificate
- Copy text from the textbox in the below screenshot into a text file
Step 2 – Split the Text into the Required Files
Now we need to copy out the individual parts to the certificate chain and this includes the private key. The best way to do this is to start at the bottom and work up.
- Copy out the private key by selecting the text starting with
-----BEGIN PRIVATE KEY-----and ending with
-----END PRIVATE KEY-----
- Save this file as
- Copy out the intermediate certificates, these will start with
-----BEGIN CERTIFICATE-----and end with
- Repeat item 3 for all other
- Save these files as
nis the number of the block copied
- Rename the
inter[n].crtwith the highest number to
Step 3 – Create the PKCS#12 File
- Open a command prompt and navigate to the directory containing the OpenSSL binary
- Enter the command
openssl pkcs12 -export -out output.pfx -inkey private.key -certfile cert.crt [-in inter[n].crt](repeat the
[-in inter[n].crt]block for as many
inter[n].crtfiles as you have)
- Enter and verify a password when prompted
Step 4 – Upload the PKCS#12 File to the Enterprise Appliance
You should be able to upload your generated file to the AppSense DataNow Enterprise appliance.
The upload facility can be found in Configuration –> SSL Certificate