Using a self-signed certificate - PingIntelligence for APIs

Using a self-signed certificate - PingIntelligence for APIs - 5.2

PingIntelligence

bundle

pingintelligence-52

ft:publication_title

PingIntelligence

Product_Version_ce

PingIntelligence for APIs 5.2 (Latest)

category

APISecurity

AdvancedAPICybersecurity

Capability

Environment

Product

apisecurity

capability

linux

pi-52

pingintelligence

private

ContentType_ce

A self-signed certificate is also supported for customer testing.

Create a private key:

/opt/pingidentity/ase/bin/cli.sh create_key_pair -u admin
					-p

Warning: create_key_pair will delete any existing key_pair, CSR and self-signed certificate
Do you want to proceed [y/n]:y
OK, creating new key pair. Creating DH parameter may take around 20 minutes. Please wait
Key created in keystore
dh param file created at /opt/pingidentity/ase/config/certs/dataplane/dh1024.pem

Note:

ASE CLI is used to generate a 2048-bit private key, which is in the /opt/pingidentity/ase/config/certs/dataplane/dh1024.pem directory.

Create a self-signed certificate. Use the CLI to produce a self-signed certificate located in /pingidentity/ase/config/certs/dataplane/ase.csr.

/opt/pingidentity/ase/bin/cli.sh create_self_sign_cert -u admin -p
Warning: create_self_sign_cert will delete any existing self-signed certificate
Do you want to proceed [y/n]:y
Creating new self-signed certificate
OK, self-sign certificate created in keystore

Restart ASE by stopping and starting.