Cisco Headend Digital Broadband Delivery System
Introduction to DNCS HTTPS Certificates
4034689 Rev A
75
The gen_cert _dncs Utility
The DNCS gen_crt_dncs SSL Configuration Utility includes options to execute
several of the steps necessary to generate and deploy certificates. The following is an
overview of the utility options:
several of the steps necessary to generate and deploy certificates. The following is an
overview of the utility options:
Option 1 — The DNCS gen_crt_dncs SSL Configuration Utility creates a self-
signed certificate (server.crt), private key (server.key), cachain.crt, and
cacert.pem files and then enables HTTPS. This option is used as part of the
Generating and Deploying Self-Signed Certificates (on page 117) method.
signed certificate (server.crt), private key (server.key), cachain.crt, and
cacert.pem files and then enables HTTPS. This option is used as part of the
Generating and Deploying Self-Signed Certificates (on page 117) method.
Option 2 — The DNCS gen_crt_dncs SSL Configuration Utility generates a
private key (server.key) and a Certificate Signing Request (CSR) file (server.csr)
in the /etc/opt/certs directory. The CSR must be signed by a CA on a DNCS
external CA.
private key (server.key) and a Certificate Signing Request (CSR) file (server.csr)
in the /etc/opt/certs directory. The CSR must be signed by a CA on a DNCS
external CA.
Option 3 — Not used.
Option 4 — This option allows you to check that the necessary files are available
and, if so, enables HTTPS.
and, if so, enables HTTPS.
-
If all needed files are available, HTTPS is enabled.
-
If any required files are not available, the output from this option includes
detailed information about missing files.
detailed information about missing files.
Option 5 — Exits the utility.