Generate and Install SSL Certificates in Cloud Exchange

Generate and Install SSL Certificates in Cloud Exchange

When first installed, Cloud Exchange does not require an SSL certificate and the web server can be reached over an unencrypted connection.


There are two SSL-related folders created on the file system: ssl_certs and ca_certs.

If you want to add your own SSL certificate(s), you can add them to the ta_cloud_exchange/data/ssl_certs directory. The name of the certificate file should be cte_cert.crt and cte_cert_key.key. The steps below explain how to do this.

The ca_certs directory is used, for example, when you configure a plugin for an on-premises product (like MISP, QRadar etc.) that has a self signed SSL certificate issued by your organization. In this case, you need to put your CA certs in the ca_certs directory to add them to the trust chain.

After you have the certificate(s) you’d want to use for connecting to Cloud Exchange, follow the steps to install your private certificate(s) to securely access Cloud Exchange.

  1. Log in to your Cloud Exchange host via CLI.

  2. Browse to the directory ta_cloud_exchange/$.

  3. Execute the command run ./stop.

  4. Remove certificates by going to the /ta_cloud_exchange/data/ssl_certs directory and using these commands:

    $ rm -rf cte_cert.crt

    $ rm -rf cte_cert_key.key

  5. After the existing SSL certificate is removed, you can install your private SSL certificate.

    1. Copy new certs to /ta_cloud_exchange/data/ssl_certs ‘sudo cp -r ../<Path_of_SSL_Certificate>.

  6. Restart Cloud Exchange using the command $run ./start.

Share this Doc

Generate and Install SSL Certificates in Cloud Exchange

Or copy link

In this topic ...