In this example we will apply a host-based certificate to a DME. This procedure uses a certificate created by a Certificate Authority (CA) for a specific device, using a Certificate Signing Request (CSR) created from the device.
· Two helpful websites
o https://www.sslshopper.com/ssl-certificate-tools.html
o https://www.digicert.com/kb/ssl-support/pem-ssl-creation.htm
Steps to create DME Certificate Request (CSR)
· Log on to the DME, navigate to System Configuration-->SSL Certificate
o Fill out all the information in the “Create a Certificate Request” section
o Press the “Generate Certificate Request to use with CA” button
o Copy the generated text and provide it to the CA
Starts with: -----BEGIN CERTIFICATE REQUEST-----
Ends with: -----END CERTIFICATE REQUEST-----
Applying Certificate to DME
· The certificate from the CA should contain (request entire certificate chain):
o Primary Certificate
o Intermediate Certificate(s)
o Root Certificate
· The file applied to the DME has to be in PEM format.
o If the CA returned the pieces in .pem format, the text simply needs to be copied from each piece and put in the correct order.
o If the CA returned .cer files, you can right-click on them to open them with Notepad. The text can then be copied from each file to create a .pem file.
o If you do not know which piece is which, the certificate tools website can help.
· Creating the file in PEM format
o Determine which is the Primary, Intermediate, and Root certificate
o The order of the PEM should be: Primary, Intermediate, Root (see pem-ssl-creation site)
o Copy the text from each into a blank text file with BEGIN and END text for each section.
Each section should start with: -----BEGIN CERTIFICATE-----
Each section should end with: -----END CERTIFICATE-----
o Save file with .pem extension
· Applying certificate to DME
o Log on to the DME, navigate to System Configuration-->SSL Certificate
o Copy the entire text from the previously created .pem file into the “Install New Certificate” window
o DO NOT CHECK “PEM Includes Key” (the Private Key was created when the CSR was generated and is already installed on the DME)
o Click “Verify and Install New Certificate”
· To test proper application of certificate
o Open a browser and browse to the ULS URL for the DME
- https://<FQDN of DME>/cgi-bin/localip.cgi
o It should return the IP address of the machine you browsed from