Generating an SSL Certificate Pair
Interprocess security works by ensuring that all servers have an identical copy of the SSL key pair, so that all traffic between them can be encrypted for transmission and decrypted on arrival.
About this task
The certificate pair is initially generated in PFX format. This creates a single password protected file containing the public and private keys forming the key pair. Some of the Discover documentation refers to the key pair as a whole as "the certificate".
When the PFX is imported on a server the password needs to be provided, and the key
pair is then imported into a hidden directory, split into its component parts as a
.cer
and .p12
file.Note: A self-signed certificate pair can be generated by the
DCSTool.exe utility included with version 12.1.8, a
process described below. If a customer wishes to use their own certificate pair
they can do so. For more information, see Notes.
Procedure
- On one of the Windows servers (typically the Portal/Reporting server) open a command prompt.
- Change Directory (cd) to <Discover Installation Directory>\Tools\.
-
Run the command DCSTool.exe create -site TLScert.pfx
<password>.
Note: The password must be composed only of standard ASCII characters and no spaces. For example DCSTool.exe create -site TLScert.pfx MyPassW0RD784.