Mutual authentication requires certificate configuration on your IBM
QRadar console and on your
IF-MAP server.
This task provides steps to configure the certificate on your QRadar console. For assistance
configuring the certificate on your IF-MAP server, contact your IF-MAP server administrator.
Before you begin
Contact your IF-MAP server administrator to obtain a copy of the IF-MAP server public
certificate. The certificate must have the .cert file extension.
Procedure
-
Using SSH, log in to IBM
QRadar as the root user.
-
Access the certificate to the /opt/qradar/conf/trusted_certificates directory
-
Copy the SSL intermediate certificate and SSL Verisign root certificate to your IF-MAP server as CA certificates. For assistance, contact your IF-MAP server administrator.
-
Type the following command to create the Public-Key Cryptography Standards file with the
.pkcs12 file extension:
openssl pkcs12 -export -inkey <private_key> -in <certificate> -out
<pkcs12_filename.pkcs12> -name "IFMAP Client"
-
Type the following command to copy the pkcs12 file to the
/opt/qradar/conf/key_certificates directory:
cp <pkcs12_filename.pkcs12> /opt/qradar/conf/key_certificates
-
Create a client on the IF-MAP server with the certificate authentication and upload the SSL
certificate. For assistance, contact your IF-MAP server administrator.
-
Type the following command to change the permissions of the directory:
chmod 755 /opt/qradar/conf/trusted_certificates
chmod 644 /opt/qradar/conf/trusted_certificates/*.cert
-
Type the following command to restart the Tomcat service: