Community
Community

Find all you need to begin your THWACK journey, including documentation, missions, blogs, community groups, events, and media.
Command Central

Getting Started
MVP Program

MVP Program
Monthly Mission

THWACKcamp: The Mission
Blogs

Community Announcements

Product Blog
Groups

DevOps Discourse

Data Driven

SolarWinds Academy

See All Groups
Events

SolarWinds User Group

THWACKcamp

Bracket Battle
Media Vault

Movies & Mainframes

TechPod

THWACK Tech Tips

THWACK Livecast

SolarWinds Lab Archive

THWACKcamp Archive

See All Media
Products
Products

Find the best place to learn and ask questions about your SolarWinds products.
Observability

Observability Solutions

SolarWinds Observability

Hybrid Cloud Observability
Network Management

Network Performance Monitoring

NetFlow Traffic Analyzer

Network Configuration Manager

IP Address Manager

User Device Tracker

VoIP & Network Quality Manager

Log Analyzer

Engineer's Toolset

Network Topology Mapper

Kiwi CatTools

Kiwi Syslog Server

ipMonitor
Application Management

AppOptics

Loggly

Papertrail

Pingdom

DevOps
IT Security

Access Rights Manager

Identity Monitor

Security Event Manager

Patch Manager

Serv-U FTP & MFT
IT Service Management

SolarWinds Service Desk

Web Help Desk

DameWare Remote Support

DameWare Remote Everywhere

DameWare Mini Remote Control
System Management

Server & Application Monitor

Virtualization Manager

Storage Resource Monitor

Server Configuration Monitor

SolarWinds Backup

Web Performance Monitor
Database Management

Database Performance Analyzer

SQL Sentry

Database Performance Monitor

Task Factory
Content Exchange
Content Exchange

Find downloadable files and templates other users have built and found useful to share with others.
The Orion Platform

Alerts

Custom HTML

Custom Queries

Modern Dashboards

Reports

Scripts
Server & Application Monitor

API Pollers

Application Monitor Templates
Database Performance Analyzer

Custom Alerts

Custom Metrics

Custom Queries
Server Configuration Monitor

Policies

Profiles
Network Performance Monitor

Device Pollers

Universal Device Pollers
Network Configuration Manager

Config Change Scripts

Device Templates

Firmware Upgrade Templates

Policy Documents
SQL Sentry

Advisory Conditions
Web Help Desk

Style Sheets
Resources

Customer Portal
Create individual user accounts for your team, manage your licenses, download your SolarWinds software, create and track support tickets, and more.

Academy
A one-stop-shop for world-class training for SolarWinds products through on-demand videos, and instructor-led classes. All SolarWinds Academy content is included with every software purchase.

Support
Get help when you need it from a world-class support team, available to assist with technical product issues 24 hours a day, seven days a week, 365 days a year.

Partner Portal
Accelerate SolarWinds Partners’ ability to drive digital and IT transformation for customers with powerful tools, resources, and increased profit potential.
Free Tools & Trials
Store

Feature Requests Build SSL Certificate Wrapper tool for SW product(s) TomCat servers for ease of installation.

Implemented

over 2 years ago

DPA has implemented a Trusted Certificate Management page that allows you to view Java Trust Store certificates as well as import specific certificates into DPA to use by itself. You can also choose a database and apply a specific certificate to it.

Build SSL Certificate Wrapper tool for SW product(s) TomCat servers for ease of installation.

SolarWinds does not have a common GUI wrapper around all of their various Tomcat style implementations of Web Servers. Nothing in the standard installations of any of them deploys anything more than a self-signed certificate. There is no easy way to download a CSR for taking to a CA. Likewise there is no easy way to import the CA certificate, the intermediate certificates, nor the site returned certificate. Even better would be to import a certificate and matching keys in case you need to do a dead box migration. For a decent example of how to do this in a console GUI on a open source box, they need only look at the certificate manipulations that are done on the InfoBlox and PaloAlto appliances. Even the OOB tool on the Dell server consoles allows you to do this.

Take a look at what passes for current documentation for completing SSL work on the current products:

DPA - http://knowledgebase.solarwinds.com/kb/questions/5975/__fav

VMAN - http://knowledgebase.solarwinds.com/kb/questions/4397/__fav

LEM - http://knowledgebase.solarwinds.com/kb/questions/2698/Exporting+and+Installing+the+SolarWinds+LEM+Console+Certificate

STM - http://knowledgebase.solarwinds.com/kb/questions/4432/Setting+up+SSL+on+Storage+Manager+with+port+re-direction+from+port+80

And the corresponding "Advanced" to get a real Root CA issued or Intermmediate CA issued Certificate; why is there no documentation specifically at all. The "Advanced" is just a referral over to Apache TomCat site and you figure out the relatives paths and other information.

Advanced SSL Setup

DPA uses Tomcat as the web server. For advanced instructions on using SSL with Tomcat, please use the following link:http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html

So, a SolarWinds open challenge for 2016, get real with SSL implementations.

Build tools into each console for manipulating, placing and enabling the cetificates and SSL.

edsando

Top Comments

edsando over 8 years ago +3

OMG.. Look what I just found in the VMan instructions. Basically, a we refuse to help you statement!!! If you receive "Untrusted site" errors after adding your certificate, see the KB article about…

edsando over 8 years ago

Hey, those UtiDEV guys are alright.
They even have a forum discussion as to why continuing to promote self-signed certs as a "solution" is a totally awful practice.
Why no *Programmatic* SSL/HTTPS endpoint registration in UWS? - Web Server *PRO* Questions and Bug Reports - UltiDev For…
- Cancel
- Vote Up 0 Vote Down
- More
- Cancel
edsando over 8 years ago in reply to edsando

You know, you could see if you can license stuff from the Kiwi syslog product Web Service provider as well...
Again, to start off with, the Kiwi syslog server instructions are just another hack. Self-signed and get out of there. For someone selling and marketing a SIEM product, this is the poorest representation of quality.
Enable SSL support for Kiwi Web Access - SolarWinds Worldwide, LLC. Help and Support
But, you know, it did not have to be so. The Kiwi web interface provider, UltiDev LLC, has instructions to do this the right way, and it is a shame that some SolarWinds Lab techs don't do a walkthrough of the same things, maybe 20 minutes to cover SSL on all products with genuine CA Root signed certificates... UltiDev LLC spent the time and screen shots to do this with a cert vendor. You could do the same for your products, either submitted to "Simple Authority" for an internal Root for proof of concept, or doing the same with GeoTrust or GoDaddy.
Getting Free Real Server Certificate from StartCom - Web Server *PRO* Questions and Bug Reports - UltiDev Forum
- Cancel
- Vote Up 0 Vote Down
- More
- Cancel
edsando over 8 years ago in reply to edsando

Not much hard in InfoBlox:
Support Central: KB #3084: Importing SSL Certifica... - Infoblox Experts Community
- Cancel
- Vote Up 0 Vote Down
- More
- Cancel
edsando over 8 years ago in reply to edsando

Look at the step descriptions for the Palo Alto GUI.
Sweet, is it not?
Import a Certificate and Private Key
- Cancel
- Vote Up 0 Vote Down
- More
- Cancel
edsando over 8 years ago

So, hey, I just found out this would not be all that hard. You just need to use this content. It would work straight up in Windows servers. On your CentOS type boxes that are not necessarily setup for X-Windows, you just need to build a web interface to the same commands/scripts.
Using the Key Management Utility (IKEYMAN)
Use the Key Management Utility (IKEYMAN): IBM HTTP Server
Overview - KeyMan - IBM
KeyMan
Download KeyMan
IBM KeyMan 2016/03/03 16:27:49
- Cancel
- Vote Up 0 Vote Down
- More
- Cancel

SolarWinds solutions are rooted in our deep connection to our user base in the THWACK^® online community. More than 195,000 members are here to solve problems, share technology and best practices, and directly contribute to our product development process.