IPS Trusted Certificate

leach_stuart · ‎11-29-2011

Hi,

I need to import a trusted wildcard certificate to AIP-SSM-10 and 20. I have looked via the IDM and can not see any certificate options, other than generate new.

Does anyone know if this is possible and if so how it is done.

I also need to amend the SSL ciphers as medium strength ciphers are found during a vulnerability scan, again i can not see any options to do this.

Any help or advice would be greatly appreciated.

Thanks

Stuart

andrey.dugin · ‎11-29-2011

If you want to replace SSL certificate you must do it via ssh using service account but it will only your responsibility.

You may edit SSL cipher suite and ssh version with service account too.

leach_stuart · ‎11-29-2011

Thanks for that.

Do you know if certificates can be imported and if so, do you have a link to any guides that might assist.

andrey.dugin · ‎11-29-2011

I think that certificates may be imported but I didn't try to do it. Service account gives you access to Linux of IPS and you may use a most of its commands but you must learn IPS OS architecture. You may tune IPS and you may crash its' sw part with reimage need.

I don't know if there are guides for this theme present on site.