This article discusses the SSL certificates utilized by TippingPoint devices.
Only the Security Management System (SMS) SSL certificate is replaceable. The TippingPoint Intrusion Prevention Systems (IPS) and Threat Protection System (TPS) devices utilize a special version of OpenSSL for the IPS certificates and as such they are not replaceable.
SMS Web Security SSL Certificate
You may want to replace the default security SMS security certificate with a root Certificate Authority (CA) signed certificate to establish a trusted relationship between SMS server and its web browser client connections. You can import an RSA X.509 certificate and an unencrypted PKCS#8-formatted private key encoded using DER or PEM format to be used as your SMS web security SSL certificate. If you experience problems with the web security SSL certificate, you can "Reset" the certificate to the default.
Note: If your SMS device is utilizing FIPS mode, you are not permitted to use custom web security SSL certificates.
How To: Import an SMS Web Security SSL Certificate
- Log in to the SMS from a client.
- On the SMS toolbar, navigate to the Admin->General tab. Within the SMS Web Security SSL Certificate area of the Admin (General) screen, click Import. In the Import Customer SMS Web Security Certificate dialog, enter the location of the X.509 or PKSSC#8 certificate that you want to import, or click Browse to locate the file on your system.
- Click Import.