HCL TECHNOLOGIES ABOUT US PRODUCTS & SOLUTIONS RESOURCES CONTACT US

Home
Configuration Guide
This guide is for administrators and IT managers who want to configure and customize IBM BigFix.
Additional configuration steps
These topics explain additional configuration steps that you can run in your environment.
Configuring HTTPS for REST API
Generating a Self-Signed Certificate

Generating a Self-Signed Certificate

To generate a self-signed certificate (cert.pem) from a certificate request file (cert.csr), perform the following steps:

Create a Certificate Signing Request (cert.csr).
Create a certificate file (cert.pem) from your private key (nopwdkey.pem) and certificate request file (cert.csr) using the following command (valid for 365 days):
```
openssl x509 -in cert.csr -out cert.pem -req -signkey nopwdkey.pem -days 365
```
Important: If you want to specify both the certificate and the private key files in the REST API HTTPS configuration, skip the following steps and see REST API HTTPS Settings.
Open up your private key file nopwdkey.pem in WordPad.

Copy the contents and paste them below the certificate in cert.pem, as in the following example:

-----BEGIN CERTIFICATE-----
MIICYjCCAcugAwIBAgIJANiRLK2nbg9oMA0GCSqGSIb3DQEBBQUAMEoxCzAJBgNV
BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRMwEQYDVQQHDApFbWVyeXZpbGxl
MREwDwYDVQQDDAhIRUlNREFMTDAeFw0xMjAzMTUwMjA5MzdaFw0xMzAzMTUwMjA5
MzdaMEoxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRMwEQYDVQQH
DApFbWVyeXZpbGxlMREwDwYDVQQDDAhIRUlNREFMTDCBnzANBgkqhkiG9w0BAQEF
AAOBjQAwgYkCgYEA5h5aCcN5Up5rNYn7a88dKAehe7CbKDtPF6jdrn52yShJc97f
mceJeIsnkVmBVRoIBevxFnNIKxMzzR52c0NKK2gU0ax2k6TWD8yVOHHFepBgcCyF
JD9y9g5u444+7S5vsXRpmAx7z3HYHHh9Jjiv7zLoN46Mu+7KpnZnJgFX0QcCAwEA
AaNQME4wHQYDVR0OBBYEFHJXtkgif6mZzQBcrp7U7yptf/WzMB8GA1UdIwQYMBaA
FHJXtkgif6mZzQBcrp7U7yptf/WzMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEF
BQADgYEARkkc8GmyFtuXsWmjvkUJvRkGJYiQ7LsO5Qg67ONcMr/beJDXsOR3w3lD
cDqCglnQuswNySrcAGDPctDJwE2cZbcvpVdNlUd1UdXnbzHAjg/buh6Uy5OYYc0y
NtbcKlPpgxvBp6cGua7K01bMeb379vXLNr1EcQG9KmlkHYqqJpU=
-----END CERTIFICATE-----
-----BEGIN PRIVATE KEY-----
MIICeAIBADANBgkqhkiG9w0BAQEFAASCAmIwggJeAgEAAoGBAOYeWgnDeVKeazWJ
+2vPHSgHoXuwmyg7Txeo3a5+dskoSXPe35nHiXiLJ5FZgVUaCAXr8RZzSCsTM80e
dnNDSitoFNGsdpOk1g/MlThxxXqQYHAshSQ/cvYObuOOPu0ub7F0aZgMe89x2Bx4
fSY4r+8y6DeOjLvuyqZ2ZyYBV9EHAgMBAAECgYEAh2Jh/I6JaUcUsgn85l+SusNK
iTfNAO1ryfKqgYeboRtXo5kDGjkfstDDtargAU5wW/OFAn1OfzEr78i1TXjQP/2h
1ntvOobYeEsRFBlVdoC361GHKoSWMMbrymx75XIRmdW3cIHOSlpHfr2RA9WZfA2R
tn8gtITQNKed0uFyBskCQQD6IeYaxWegfoJwpcAmlTlYfyKXdSL9/DGsG+uhAIhU
pUWPwsH/uHR8/61wQ9coH1NEy2bVRT0qha1s9CvHA0OFAkEA64RD4t5oQcA+Q/2o
TtfYD3MB0NQJVL2KwJaW9hr4+osMQWJSSXTQuymMcd3tLJaS3eg0DVIsg0pO0GYx
bVKKGwJANF9IqK5QhkA225M46lswSKFGAuRZ0UgutlSaP3m3EdIRAIrMx9g9O7bk
/66UrCfy7WKRQ3Jd3jtjFn8Bc4fxaQJBALCVoRjPTThPXeA4piNHbvZWcrwS31Qs
MYao4lNwcdHYw72abLwq2/4Y7vbJQPU3iLLdUXnTbRCbfHCAzvp68pUCQQDX7iVR
Wjd9qVlgtR/6wxAQjSHSmlCyTfHA0ncVNzjEjZzA3FiCNq+gHFkBc6Kr4FxfNWCm
aoyVGYxl1LT+VHJA
-----END PRIVATE KEY-----

Refer to cert.pem on your BigFix server in the certificate path registry setting as described in REST API HTTPS Settings.