Using a self-signed certificate
About this task
A self-signed certificate is also supported for customer testing.
Steps
-
Create a private key:
/opt/pingidentity/ase/bin/cli.sh create_key_pair -u admin -pWarning: create_key_pair will delete any existing key_pair, CSR and self-signed certificate Do you want to proceed [y/n]:y OK, creating new key pair. Creating DH parameter may take around 20 minutes. Please wait Key created in keystore dh param file created at /opt/pingidentity/ase/config/certs/dataplane/dh1024.pem
ASE CLI is used to generate a 2048-bit private key, which is in the
/opt/pingidentity/ase/config/certs/dataplane/dh1024.pemdirectory. -
Create a self-signed certificate. Use the CLI to produce a self-signed certificate located in
/pingidentity/ase/config/certs/dataplane/ase.csr./opt/pingidentity/ase/bin/cli.sh create_self_sign_cert -u admin -p Warning: create_self_sign_cert will delete any existing self-signed certificate Do you want to proceed [y/n]:y Creating new self-signed certificate OK, self-sign certificate created in keystore
-
Restart ASE by stopping and starting.