Cisco Headend Digital Broadband Delivery System

 

4034689 Rev A 

83 

 

Follow these instructions to copy the billing system's HTTP-S server root CA 
certificate to the list of trusted certificate authorities. 
1  Obtain a copy of the root CA certificate in the CA certificate chain used to sign 

the billing system's HTTP-S server certificate and place it in the /etc/opt/certs 
directory of the DNCS. The root CA certificate must be in privacy-enhanced mail 
format (PEM) format. 
Note: The text file must contain the entire root CA certificate starting with 
BEGIN CERTIFICATE and ending with END CERTIFICATE. 
Example:   

-----BEGIN CERTIFICATE-----

 

MIICWjCCAcMCAgGlMA0GCSqGSIb3DQEBBAUAMHUxCzAJBgNVBAYTAlVTMRgwFg

 

VQQKEw9HVEUgQ29ycG9yYXRpb24xJzAlBgNVBAsTHkdURSBDeWJlclRydXN0IF

 

bHV0aW9ucywgSW5jLjEjMCEGA1UEAxMaR1RFIEN5YmVyVHJ1c3QgR2xvYmFsIF

 

b3QwHhcNOTgwODEzMDAyOTAwWhcNMTgwODEzMjM1OTAwWjB1MQswCQYDVQQGEw

 

UzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW9uMScwJQYDVQQLEx5HVEUgQ3liZX

 

cnVzdCBTb2x1dGlvbnMsIEluYy4xIzAhBgNVBAMTGkdURSBDeWJlclRydXN0IE

 

b2JhbCBSb290MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCVD6C28FCc6H

 

iM3dFw4usJTQGz0O9pTAipTHBsiQl8i4ZBp6fmw8U+E3KHNgf7KXUwefU/ltWJ

 

r41tiGeA5u2ylc9yMcqlHHK6XALnZELn+aks1joNrI1CqiQBOeacPwGFVw1Yh0

 

04Wqk2kmhXBIgD8SFcd5tB8FLztimQIDAQABMA0GCSqGSIb3DQEBBAUAA4GBAG

 

GwnpXtlR22ciYaQqPEh346B8pt5zohQDhT37qw4wxYMWM4ETCJ57NE7fQMh017

 

3PR2VX2bY1QY6fDq81yx2YtCHrnAlU66+tXifPVoYb+O7AWXX1uw16OFNMQkpw

 

lZPvy5TYnh+dXIVtx6quTx8itc2VrbqnzPmrC3p/

 

 

-----END CERTIFICATE-----

 

Type the following command and press Enter to create the cacert.pem file: 

cat /etc/opt/certs/[billing server Root CA Crt] >> 
/etc/opt/certs/cacert.pem

 

 

Note: Replace [Billing Server Root CA Crt] with the root CA certificate of the CA 
chain used to sign the billing system's HTTPS server certificate. 
Important: Do not attempt to append the root CA certificate to the cacert.pem 
file using a text editor.