Create a private key and self-signed certificate

Log on to the IWSVA server using the Command Line Interface (CLI).

Run the following command:

#openssl req -x509 -days 1289 -newkey rsa:1024 -keyout /tmp/root_key.pem -out /tmp/root_req.pem

This will create the following files:

/tmp/root_key.pem – contains the private key encrypted with the password you specified
/tmp/root_req.pem – contains the self-signed certificate

Copy the files from the IWSVA server to your local machine. You may use winscp.

Open the IWSVA management console.

Go to HTTP > HTTPS Decryption > Settings > Certificate Authority.

Click image to enlarge

Under Import CA section, set the following:

In the Certificate field, click Browse and and locate the root_req.pem file.
In the Private Key field, click Browse and locate the root_key.pem file.
In the Passphrase and Confirm passphrase fields, enter the password that you specified in Step 2.
Click Import CA > OK.

Click image to enlarge

Creating a Certificate Authority (CA) and setting a new certificate validity in InterScan Web Security Virtual Appliance (IWSVA) 6.5

Product / Version includes:

Interscan Web Security Virtual Appliance6.5

Last updated: 2021/08/28

Solution ID: KA-0007394

Category: Troubleshoot

Summary

The IWSVA certificate expires after a month, this means you need to renew it every month. You want to know how to create a new certificate and set the validity to resolve this issue.

Create a private key and self-signed certificate

Log on to the IWSVA server using the Command Line Interface (CLI).
Run the following command:

#openssl req -x509 -days 1289 -newkey rsa:1024 -keyout /tmp/root_key.pem -out /tmp/root_req.pem

This will create the following files:
- /tmp/root_key.pem – contains the private key encrypted with the password you specified
- /tmp/root_req.pem – contains the self-signed certificate
Copy the files from the IWSVA server to your local machine. You may use winscp.
Open the IWSVA management console.
Go to HTTP > HTTPS Decryption > Settings > Certificate Authority.

Click image to enlarge
Under Import CA section, set the following:
- In the Certificate field, click Browse and and locate the root_req.pem file.
- In the Private Key field, click Browse and locate the root_key.pem file.
- In the Passphrase and Confirm passphrase fields, enter the password that you specified in Step 2.
- Click Import CA > OK.
Click image to enlarge

Verify the validity

Log on to the IWSVA server using the Command Line Interface (CLI).
Run the following command:

# openssl x509 -text -inform PEM -in /tmp/root_req.pem

Was this article helpful?

Featured

Automation Center

Education Portal

Online Help Center

Service Status

TrendConnect

Creating a Certificate Authority (CA) and setting a new certificate validity in InterScan Web Security Virtual Appliance (IWSVA) 6.5

Create a private key and self-signed certificate

Verify the validity

Creating a Certificate Authority (CA) and setting a new certificate validity in InterScan Web Security Virtual Appliance (IWSVA) 6.5

Product / Version includes:

Summary

Create a private key and self-signed certificate

Verify the validity