To ensure secure communications, via encryption between a web browser and the SMS Server, use the SMS web security SSL certificate. The client and server use an SSL certificate to encrypt the data passed between them. When SMS is configured for high availability (HA), the certificate is synchronized across nodes in the SMS cluster. You may want to replace the default security SMS security certificate with a root Certificate Authority (CA) signed certificate to establish a trusted relationship between SMS server and its web browser client connections.
You can import an RSA X.509 certificate and an unencrypted PKCS#8-formatted private key encoded using DER or PEM format to be used as your SMS web security SSL certificate. If you experience problems with the web security SSL certificate, you can reset the certificate to the default. TheSMS Web Security SSL Certificatearea displays the certificate information and allows you to import a new certificate or reset an existing one.
Note: The web security certificate is included in an SMS backup. It is also reset during factory reset.
Note: Only the SMS SSL certificate is replaceable. TippingPoint utilizes a special version of OpenSSL for the IPS certificates and as such they arenotreplaceable.
How To: Common Task
- Log in to the SMS from a client.
- On the SMS toolbar, navigate to the Admin > General tab.
How To: Import an SMS Web Security SSL Certificate
- Within the SMS Web Security SSL Certificate area of the Admin (General) screen, click Import.
- In the Import Customer SMS Web Security Certificate dialog, enter the location of the X.509 or PKSSC#8 certificate that you want to import, or click Browse to locate the file on your system.
- Click Import.
How To: Reset an SMS Web Security SSL Certificate
- Within the SMS Web Security SSL Certificatearea of the Admin (General) screen, click Reset.