As needed, you can deploy custom SSL certificates for use by the PCA Web Console to secure access to the console.
Note: The encryption strength and other characteristics of the certificate must be defined to meet your enterprise requirements.
- Acquire or generate the SSL certificate.
- The PCA uses the default self-signed certificate and key provided.
- Tealeaf provides a utility script that simplifies the process of creating a self-signed certificate. This script produces a certificate by using with a reduced set of configuration options.
- The generated certificate and key file must be added to the Apache configuration file. This file is stored in the following location:
/usr/local/ctccap/etc/httpd.conf
- In the following example, the certificate file name is
tealeaf-web.crt
, and the key file name istealeaf-web.key
:Define SSLCERTFILE ${SYSCONFDIR}/tealeaf-web.crt Define SSLKEYFILE ${SYSCONFDIR}/tealeaf-web.key
- Save the file.
- Restart the PCA.
- All Web Console users must now connect by using SSL.
Enable PCA statistics information to display in the status report by creating a reference to the capture application server in the Portal Management page. In the Portal menu, navigate to Portal Management.
Remove or view certificate
If you want to remove or view the certificate, use the following procedure:
- Start Internet Explorer on the workstation that is running PortalStatus.
- Select Tools > Internet Options.
- Click the Content tab.
- Click Certificates.
- The Certificates window is displayed. Click the Trusted Root Certification Authorities tab.
- You can now select the certificate for removal or viewing.