Generating a self-signed TLS certificate
Third-party CA certificates are required to install HCL Local License Server (LLS) on your host machine. However, you can also use the LLS installer to generate a self-signed certificate.
About this task
Important:
- It is advised that you use a trusted third-party TLS certificate and skip this step.
- Your usage model for LLS and your risk tolerance should be considered in your TLS certificate selection.
- The use of a self-signed certificate comes with no warranties or liabilities.
Procedure
- Go to the directory where the utility program is located.
-
From the command-line, run the utility program.
- On Windows, run the utility.bat file as an administrator.
- On Linux, enter the following commands with root
privileges:
chmod +x utility.sh./utility.sh
-
Specify the configuration information as the utility program prompts.
- Please choose what you want to do: 1. Generate Fingerprint 2. Generate TLS Certificate 3. Generate Both 4. Quit
- Press 2 for generating a self-signed TLS certificate.
- Enter FQDN (Fully Qualified Domain Name) (e.g. MYLLSSERVER.COM):
- Type the FQDN hostname.
- Enter Your Organization Name:
- Type a name for the organization, such as HCL.
- Enter Certificate Validity Period (days, default: 365):
- Specify the validity period of the certificate in days. The default value is 365.
- Enter the directory to store certificates:
- Specify a location where you want to store the certificate. The
following example message is displayed and indicates successful TLS
certification
generation:
Certificate request self-signature ok subject=c=US, ST=YourState, L=YourCity (Optional), O=HCL, CN=Local Licensing Server Default self-signed certificate generated successfully Certificate and key files are located in: C:\MHS\LLS\Certificate TLS certificate generation completed. Do you want to generate something else? 1. Generate Fingerprint 2. Generate TLS Certificate 3. Generate Both 4. Quit
- Press 4 to quit the process.