Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

Generating Certificate Authority (CA) private keys and certificates in InterScan Web Security Virtual Appliance (IWSVA)

    • Updated:
    • 16 Oct 2015
    • Product/Version:
    • InterScan Web Security Virtual Appliance 5.6
    • InterScan Web Security Virtual Appliance 6.0
    • InterScan Web Security Virtual Appliance 6.5
    • Platform:
    • Linux - Red Hat RHEL 5 64-bit
    • Linux - Red Hat RHEL 6 64-bit
Summary

Generate your own CA private key and self-signed certificate as an alternative to using a third-party CA. This is useful when enabling HTTPS decryption in IWSVA.

Details
Public

To create a private key and self-signed certificate:

  1. Log on to the IWSVA server using the Command Line Interface (CLI).
  2. Run the following command:

    openssl req -x509 -newkey rsa:1024 -keyout /tmp/root_key.pem -out /tmp/root_req.pem

    This will create the following files:

    • /tmp/root_key.pem – contains the private key encrypted with the password you specified
    • /tmp/root_req.pem – contains the self-signed certificate
  3. Copy the files from the IWSVA server to your local machine.
  4. Open the IWSVA management console.
  5. Go to HTTP > HTTPS Decryption > Settings > Certificate Authority.
  6. In the Import CA section, go to the Certificate field and browse to the location of the root_req.pem file.
  7. Go the Private Key field and browse to the location of the root_key.pem file.
  8. In the Passphrase and Confirm passphrase fields, enter the password that you specified in Step 2.
  9. Click Import CA > OK.

CA private key and self-signed certificate

For information on configuring HTTPS decryption, refer to the following IWSVA Administrator Guides:

Premium
Internal
Rating:
Category:
Configure; Troubleshoot; Install
Solution Id:
1060746
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support


To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.


Need More Help?

Create a technical support case if you need further support.