Installing a custom SSL key

IPCheck Server Monitor comes with a default SSL certificate so you can securely use the web interface through HTTPS. But when a browser connects to this server it will always show a message that the certificate is not correct (although the transmission is already secure).

If you want this dialog to disappear you must create, order, and install a full certificate as follows.

Install Open SSL

·      (if you don’t have access to a machine with one, most Linux distributions should have it)

·      You can get a windows installer here: http://www.shininglightpro.com/products/Win32OpenSSL.html

·      Or check the list at the official website: http://www.openssl.org/related/binaries.html  

·      If you have to use a different operating systems check http://www.opensll.org for details

Create your CSR (Certificate Signing Request)

·      1. Open a command line window

·      Start->Run->"cmd"

·      2. Change to the folder the openssl.exe is located

·      e.g. cd c:\ssl\src\apps  (depending on your ssl installation)

·      3. Execute the following line:

openssl req -new -nodes -keyout ipcheck.key -out server.csr -config openssl.cnf

·      Answer the questions! What to enter depends on the registration company you want to use.

·      For e.g. InstantSSL check this url for more details: http://www.instantssl.com/ssl-certificate-support/csr_generation/ssl-certificate-openssl.html

·      This will create two files: The file ipcheck.key contains a private key. Do not disclose this file to anyone! The server.csr is your certificate request file.

Request your certificate

·      Go to your certificate company and order the certificate.

·      Provide the server.csr file you have created above when asked for it.

You should receive 2-3 files from the certification company

·      Rename the server certificate file to ipcheck.crt

·      Put all other files (root certificates from the issuer) into one text file and name it root.pem

Copy the files into the cert folder

·      Copy the following files into the /cert subfolder of your IPCheck installation replacing the existing demo certificates:

·      ipcheck.crt (the certificate of your server)

·      root.pem (the root certificates of the issuer)

·      ipcheck.key (pivate key of your server)

Now restart the IPCheck Server Monitor service.