Creating Client Authentication certificates and keys for Apex Local Manager

Configuring an ALM for TLS Syslog authentication requires a PKCS#12 file that contains the certificate and private key.

Procedure

  1. Create a self-signed certificate and private key. For example,
    openssl req -new -x509 -newkey rsa:2048 -days 3650 -sha512 -nodes -x509 -subj "/C=US/ST=<State>/L=<City>/O=IBM/OU=IBM Security/CN=ALM FQDN or IP Address" -keyout alm-client-syslog-tls.key -out  alm-client-syslog-tls.cert
  2. Create the PKCS#12 container:
    openssl pkcs12 -export -inkey alm-client-syslog-tls.key -in alm-client-syslog-tls.cert -out alm-client-syslog-tls.p12 -name "alm-client-syslog-tls"
    Attention: Make note of the password that you entered. The password is required when you configure the Apex Local Manager.