Vunetrix Network Monitor vCloud

Vunetrix Manual: Using Your Own SSL Certificate with Vunetrix's Web Server

This section will give you a brief overview on how to use your own trusted SSL certificate files with the Vunetrix web server.

What is SSL?

Vunetrix supports Secure Sockets Layer (SSL) to encrypt all data entered and shown in the Web Interface, in the Enterprise Console, or in the Smartphone Apps. That ensures that no sensitive information can be intercepted when sending data between the Vunetrix core server and your client software.

By default Vunetrix is already delivered with an SSL certificate so you can use secure connections to your Vunetrix core server. However, these certificate files are not signed by a valid authority, which is why browsers show an SSL Certificate Warning when you try to access the web interface. Despite this warning your connection is still encrypted successfully.

To remove the browser warning you can obtain a certificate that is valid for your own domain name and signed by a valid authority. The certificate must be provided in the correct format and can then be copied to your Vunetrix program directory (see Data Storage).

Vunetrix Needs PEM Encoded Format and Unencrypted Key

There are many different issuers for certificates, and there are different formats certificates can be provided in.

Vunetrix needs three different files, named correctly, containing data in the expected encoding and format:

  • prtg.crt: This is the certificate for your Vunetrix server. It has to be stored in PEM encoded format.
  • prtg.key: This is the private key matching your server certificate. It has to be stored in PEM encoded format and may not be encrypted! Please make sure that you provide this file in decrypted format! The best way to check this is to open the file in a text editor. If you find a line containing the word "ENCRYPTED", the file still needs to be decrypted before you can use it with Vunetrix. Please decrypt using an SSL tool (e.g. OpenSSL) and your key password.
  • root.pem: This is the public root certificate of your certificate's issuer. It has to be stored in PEM encoded format and must contain all necessary root certificates of your issuer in one file. If there is more than one PEM encoded root certificate, please use a text editor to copy all of them into a single file (the order does not matter).

Once ready, copy these three files to the /cert sub folder of your Vunetrix program directory (please backup existing files) and restart your Vunetrix core server service (see Vunetrix Server Administrator). Note: Vunetrix services won't restart if the files are not provided in exactly the expected format!

 

 

Next Topic

Keywords: Certificate,Certificate Trusted SSL,SSL,Web Server,Web Server Certificate