Before you begin
Note:
Applies to:
- Forcepoint Web Security, v8.5.x
- Forcepoint URL Filtering, v8.5.x
Perform the following steps on the Forcepoint management server to create (or re- create) Apache SSL certificates for the web protection management components.
Note that these are basic instructions for creating certificates. Changing the password on certificates is not included in these steps. Avoid changing passwords if possible.
Steps
-
Use the Windows Services tool to stop the following services:
- Websense TRITON - Web Security
- Websense Web Reporting Tools
-
Review the Websense\Web Security\apache\conf\ssl\openssl.txt file to verify that it contains correct information.
If the IP address of this machine has changed, for example, edit the IP address in the openssl.txt file to match.
Note: A batch file can be used to automate the tasks in Step 3- Step 8. See Using a batch file for Apache SSL certificate file operations. If using a batch file, run it, and
then skip to Step 8.
-
Go to the Websense\Web Security\apache\conf\ssl\automation\ directory and run the following scripts in the order shown:
- s1_newreq.bat
- s2_server_key.bat
- s3_server_crt.bat
- s4_server_p12.bat
-
Copy the Websense\Web Security\apache\conf\ssl\output\server.key file to:
Websense\Web Security\apache\conf\ssl\ssl.key\server.key
-
Copy the Websense\Web Security\apache\conf\ssl\output\server.crt file to:
Websense\Web Security\apache\conf\ssl\ssl.crt\server.crt
-
Copy the Websense\Web Security\apache\conf\ssl\output\cakey.pem file to:
Websense\Web Security\apache\conf\ssl\private\cakey.pem
-
Copy the \Web Security\apache\conf\ssl\output\manager.p12 file to:
Websense\Web Security\tomcat\conf\keystore\tomcat\ manager.p12
-
Use the Windows Services tool to start the following services:
- Websense TRITON - Web Security
- Websense Web Reporting Tools