Skip to content

Optional: Replacing the default digital certificate

The default configuration of the Resource Manager web server uses a Zenoss self-signed certificate for SSL/TLS communications. Use this procedure to install your own digital certificate. Note: If your environment uses a reverse proxy, contact Zenoss Support for customized assistance.

To perform this procedure, you need:

  • the certificate and key files of a digital certificate from a certificate authority or from a digital certificate created with a utility such as OpenSSL Note: Certificates that require a passphrase are not supported.

  • superuser privileges on the Control Center master host

  • Log in to the Control Center master host.

  • Copy the certificate and key files of your digital certificate to /etc on the master host.

    You can store the files in any location that remains unchanged during operating system upgrades.

  • Configure Control Center to use your digital certificate.

    1. Open /etc/default/serviced with a text editor.
    2. Locate the SERVICED_CERT_FILE declaration, and then replace its value with the absolute path of your certificate file.
    3. Remove the number sign character (#) from the beginning of the line.
    4. Locate the SERVICED_KEY_FILE declaration, and then replace its value with the absolute path of your key file.
    5. Remove the number sign character (#) from the beginning of the line.
    6. Save the file, and then close editor.

  • Reload the Control Center service.

    systemctl reload serviced