Documentation
LiveNAQuick Start GuideDownload PDF
LiveNA Quick Start Guide : Configuration : Self-Signed Certificate
Self-Signed Certificate
A self-signed certificate is already generated out-of-the-box based on a default network setup. This generated self-signed certificate assumes that the network interface that will be used to connect with LiveNX is eth0.
A. LiveNA SSL Certification Setup
1. Access the LiveNA shell – Use ssh to access LiveNA’s shell.
2. Locate the self-signed certificate - The self-signed certificate, named public-grpc-client.cert, is in: /data/livena/data/public-grpc-client.cert
This certificate contains the identification of the LiveNA machine using the IP provided in the network interface.
3. Transferring the self-signed certificate to LiveNX - With the certificate, it needs to be transferred over to LiveNX so LiveNX can properly identify LiveNA through scp. In the example command below, we assume that the IP of LiveNX appliance is 10.0.0.1:
$ scp /data/livena/data/public-grpc-client.cert admin@10.0.0.1:/data/livenx-server/data
This command copies the certificate over the LiveNX machine into the directory:
/data/livenx-server/data
4. Creating a truststore in LiveNX - Now that we have prepared the certificate for LiveNA, and copied it over the LiveNX, we need to set up a truststore in LiveNX to tell LiveNX to trust that certificate:
$ cd /data/livenx-server/data
$ keytool -import -trustcacerts -file public-grpc-client.cert -alias liveNxClient -keystore live-insight-edge.truststore -storepass 2pLTYHWlqlbZrLDFuBSi
This command should generate live-insight-edge.truststore file under /data/livenx-server/data/ directory
5. Create API Key - LiveNA comes with an executable called auth-management. This executable serves as the internal tool to create, list, and delete API keys within LiveNA. This key will be needed for by LiveNX during LiveNA configuration.
To create a key from the LiveNA shell, do the following:
$ auth-management -create LiveNX
Created client token for "LiveNX"
Client ID Access Token
--------------------------------------------
LiveNX AnnxerPFL8PLjewvJhV9PQSaDn1RmOThlY+njWzB+HU=
As the example shown above, a Client ID “LiveNX,” with the API key AnnxerPFL8PLjewvJhV9PQSaDn1RmOThlY+njWzB+HU= was created.
For LiveNA to recognize the change, LiveNA will need to be restarted:
$ sudo service livena restart
If a key has already been created, it can be viewed via:
$ auth-management -list
Client ID Access Token
--------------------------------------------
LiveNX AnnxerPFL8PLjewvJhV9PQSaDn1RmOThlY+njWzB+HU=