Getting started with SSL certificates

This topic provides a beginner-level description of the process for obtaining SSL certificates so you can implement secure communications (HTTPS) on your tape library.

To summarize the process, you will:

1. Install OpenSSL, if it’s not already installed.
2. Generate a private key. A private key is used to create a digital signature for the TS4500 web server. This file should be kept secure, as anyone with access to it may be able to gain access to the web server.
3. Generate a certificate. The certificate includes a public key that works together with your private key. Depending on your security requirements, you can generate either:
   • A certificate signing request (CSR), which is a certificate in a format that can be sent to a CA (certificate authority) for signing.
   • A self-signed certificate.
4. Create a certificate package.
5. Upload the certificate package to the tape library.

Examples of the most common OpenSSL command options are provided here. Refer to the OpenSSL command help for additional options.