Several users, myself included, have asked if it's possible to replace the self-signed certificate delivered with Alert Central. Here's how I did this:
First, I had to log in as root. Since the built-in "admin" user isn't in sudoers, it's not possible to use "sudo su -" to become root. The admin user also can't edit the sudoers file. I used these instructions as a starting point to boot the VM into single-user mode and change the password for root:
- Restart the Alert Central VM guest OS.
- Press the spacebar to interrupt the boot process (I'm using VMWare. You may have to experiment to find the key or keys to do this in your virtualization environment).
- In the GRUB menu, select the default boot option, e.g. CentOS (2.6.32-358.e16.x86_64) and press 'a'. This will bring up the command line used to boot the guest OS.
- At the end of the command line, backspace over rhgb quiet" and append "1" (numeral one) at the end.
- Press enter to continue the boot process. The guest OS will boot to a command prompt and you'll be root.
- If you're so inclined, you can use passwd at this point to change the root password.
Use keytool to create a new keystore and CSR, then use keytool again later to install the new certificate. In the example below, the new keystore file is /opt/apache-tomcat/conf/newKeystore.
Edit /opt/apache-tomcat/conf/server.xml to use the new certificate. Find the section starting with "<Service name="Catalina">" and edit the Connector that listens on port 8443:
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS" keystoreFile="/opt/apache-tomcat/conf/newKeystore" keystorePass="************" />
If you also want to have the Alert Central web site listening on port 443, you'll need to make two more changes.
In /opt/apache-tomcat/conf/server.xml, under "<Service name="Catalina">", edit the connector that listens on port 8080:
<Connector port="8080" protocol="HTTP/1.1"
In /opt/apache-tomcat/conf/web.xml, add the text below before the closing </web_app> tag:
Save your changes and restart the VM.