Configuring Components

Generating a Management Server Certificate

Before you run the Security Proxy Wizard, you must generate or import a certificate for the Reflection Administrator management server. If you used an automated installer, an initial self-signed certificate is generated and you can skip this step.

If you installed Reflection using the archive files, generate a certificate using Security Setup:

  1. Start your servlet runner and log onto the Administrative WebStation.

  2. In Security Setup, click the Certificates tab.

  3. Generate or import a certificate.

  4. Enter the requested information, and then click Submit. For more information about each entry, click Help on the form page.

  5. Verify the information. Click Submit to generate the certificate, to generate the certificate signing request (CSR), or to import the key pair. If you generated a self-signed certificate or imported a key pair, proceed to the instructions for Running the Security Proxy Wizard.

  6. If you generated a CSR, you now have a private key. The private key is kept on your server, which should be physically and electronically secure. Submit the CSR to a commercial certificate authority (CA) or a private CA within your organization. Popular commercial CAs include VeriSign, Thawte, and Entrust. Follow the CA's instructions for submitting your request and obtaining a secure server certificate. The CA will verify your company information and issue a certificate. This process may take several days.

  7. When you receive the certificate from the CA, restart the Administrative WebStation, go to Security Setup > Certificates, and click the View and process pending certificate signing requests link. Click Process the signed certificate. Specify the requested information and select Install certificate. Click Submit to package the signed public key with your stored private key and install your CA-signed certificate on the management server.

Where To Go Next