You are using an unsupported browser. Please update your browser to the latest version on or before July 31, 2020.
close

Looking for the Diagnostic Utility?

Click Here For Download and Usage Instructions

How to Utilize a Self-Signed Certificate for PortalGuard


Problem

You do not have an internal CA to use and would like to create a Self-Signed cert to use for PortalGuard access.

Solution

Use openssl.exe to create the necessary certificate and install it in the appropriate certificate stores. 
 

  1. Navigate to the PortalGuard server and locate the PortalGuard Install kit that was used to install PortalGuard.
  2. Open the 'ADDINS' folder
    • In older versions of the install kit, this folder was named '_Optional'
  3. Locate the following two files:
    • openssl.cnf
    • openssl.exe
  4. Use the following Command to generate a self-signed certificate via Open SSL:
    • openssl req -x509 -days 3650 -newkey rsa:2048 -keyout <PG_ServerName>.pem -out <PG_ServerName>.pem -config ./openssl.cnf
      • IMPORTANT NOTE: Be sure to replace the <PG_ServerName> placeholders with a new value representing the PG Server - also be sure NOT to include the angle brackets in the final command
    • Follow the on screen prompts to fill in the certificate information.
      • IMPORTANT NOTE: Make sure that the common name value for the self-signed certificate should be the server name
  5. Use the following command to create the PFX file via Open SSL:
    • openssl.exe pkcs12 -export -in <PG_ServerName>.pem -out <PG_ServerName>.pfx
      • IMPORTANT NOTE: Be sure to replace the <PG_ServerName> placeholders with a new value representing the PG Server - also be sure NOT to include the angle brackets in the final command
  6. Use the following command to create the CER file via Open SSL:
    • openssl x509 -outform PEM -in <PG_ServerName>.pem -out <PG_ServerName>.cer
      • IMPORTANT NOTE: Be sure to replace the <PG_ServerName> placeholders with a new value representing the PG Server - also be sure NOT to include the angle brackets in the final command
  7. Import the PFX file into the personal cert store on the PG server for the local computer.
  8. Import the CER file into the Trusted Root Certification Authorities on the PG Server.

REV. 10/2021 | PortalGuard

 

  • 159
  • 18-Oct-2021
  • 79 Views