Omniscope web server includes HTTPS support, shipping out of the box a self-signed certificate located into the omniscope-server install folder (named keystore.jks.default).
If you want to use your own fully validated SSL certificate, you need to configure the path and the password of the keystore file containing the certificate.
Go to the Admin -> Network setting section, once you enable "HTTPS" the "SSL Configuration" section will appear for you to configure the certificate.
Generating Java keystore with the full chain of certificates
Follow these 6 steps to create your Java keystore:
- Generate your RSA Private key
keytool -genkey -alias myalias -keyalg EC -keysize 256 -sigalg SHA256withECDSA -keystore c:\yoursite.jks
- Generate a CSR
keytool -certreq -keyalg EC -alias myalias -file certreq.txt -keystore c:\yoursite.jks
- Use your CSR to request a new certificate from your chosen Certificate Authority (i.e. http://www.ksoftware.net/ssl_certs.html )
- Install the Trusted Root
keytool -import -alias YourTrustRootCert -keystore c:\yoursite.jks -trustcacerts -file c:\YourTrustRootCert.crt
**It may say that this root is already in the system wide store-- import it anyway.
- Install all the intermediate certificates
keytool -import -alias YourTrustIntermediateCert -keystore c:\yoursite.jks -trustcacerts -file c:\YourTrustIntermediateCert.crt
- Install the SSL Certificate under the same Alias that the CSR was created from (e.g. myalias)
keytool -import -alias myalias -keystore c:\yoursite.jks -trustcacerts -file c:\YourSiteCert.crt
You should receive a message: "Certificate reply was installed in keystore" if successful.
To generate keys and certificates, you can follow one of these two guides: