Starting Service Pack 1, InterScan Web Security Virtual Appliance (IWSVA) 6.5 already uses HTTPS as added security for accessing the web console. By default, IWSVA uses a self-signed certificate. However, some organizations require to use their own SSL certificate to secure IWSVA's web console.
This article shows the procedure on how to use a custom certificate on IWSVA's HTTPS web console.
To use a custom certificate on IWSVA's HTTPS web console:
The following are required:
- Root Ceritificate Authority
- SSL Certificate generated for IWSVA
- Private key
Assuming the following files are available:
- ca.crt - Root CA in PEM format
- iwsva_cert.crt - SSL Certificate generated for IWSVA in PEM format
- server.key - Private key
- Import those files to a keystore by executing the following command on a Linux machine or on IWSVA:
openssl pkcs12 -export -in iwsva_cert.crt -inkey server.key -CAfile ca.crt -name "IWSVA" -out iwsva_euct_cert.p12
- Upload the iwsva_euct_cert.p12 to IWSVA console GUI > Administration > Network Configuration and provide the password of the private key.