Trustwave and Cybereason Merge to Form Global MDR Powerhouse for Unparalleled Cybersecurity Value. Learn More

Trustwave and Cybereason Merge to Form Global MDR Powerhouse for Unparalleled Cybersecurity Value. Learn More

Services
Managed Detection & Response

Eliminate active threats with 24/7 threat detection, investigation, and response.

Co-Managed SOC (SIEM)

Maximize your SIEM investment, stop alert fatigue, and enhance your team with hybrid security operations support.

Advisory & Diagnostics

Advance your cybersecurity program and get expert guidance where you need it most.

Penetration Testing

Test your physical locations and IT infrastructure to shore up weaknesses before exploitation.

Database Security

Prevent unauthorized access and exceed compliance requirements.

Email Security

Stop email threats others miss and secure your organization against the #1 ransomware attack vector.

Digital Forensics & Incident Response

Prepare for the inevitable with 24/7 global breach response in-region and available on-site.

Firewall & Technology Management

Mitigate risk of a cyberattack with 24/7 incident and health monitoring and the latest threat intelligence.

Solutions
BY TOPIC
Microsoft Security
Unlock the full power of Microsoft Security
Offensive Security
Solutions to maximize your security ROI
Rapidly Secure New Environments
Security for rapid response situations
Securing the Cloud
Safely navigate and stay protected
Securing the IoT Landscape
Test, monitor and secure network objects
Why Trustwave
About Us
Awards and Accolades
Trustwave SpiderLabs Team
Trustwave Fusion Security Operations Platform
Trustwave Security Colony
Partners
Technology Alliance Partners
Key alliances who align and support our ecosystem of security offerings
Trustwave PartnerOne Program
Join forces with Trustwave to protect against the most advance cybersecurity threats
Loading...
Loading...

HOWTO: How do I implement Security Reporting Center so that it uses a secure connection? (SRC 2.0)

Expand / Collapse


This article applies to:

  • Security Reporting Center 2.0

Question:

  • How do I implement Security Reporting Center so that it uses a secure connection?
  • Can Security Reporting Center use an SSL connection?

Procedure:

SSL Overview
Sensitive information is often transmitted between Web clients and Web servers. Protecting this information is typically accomplished by sending the data in an encrypted form and subsequently decrypting the data on the receiving side. The Secure Sockets Layer (SSL) protocol provides several features that enable secure transmission of Web traffic. These features include data encryption, server authentication, and message integrity. To enable secure communication from Web clients to Security Reporting Center using SSL, you must first enable SSL support.

Important!
The steps provided below describe how to enable basic SSL functionality and generate certificates only. Depending on your network configuration and security needs, you may need to consult outside documentation. For advanced configuration concerns, please refer to the SSL resources at the following two sites. 

http://www.apache.org/ 

http://www.modssl.org/

SSL Installation Procedure - Windows

  1. Install Security Reporting Center, using the instructions described in chapter two of the user guide, which can be found on the following Web page.

    https://support.trustwave.com/Security-Reporting-Center/documentation.asp

  2. Download the file SRC20_sslupdate.zip from the Article Attachments section below.

  3. Create a directory called sslupdate on your desktop.

  4. Unzip the contents of SRC20_sslupdate.zip into the directory on your desktop.

  5. From this directory, execute SSLUpdate.exe. This enables SSL for Apache and installs a self-signed certificate for testing purposes. You may access the secure interface at https://<hostname>:9443.

    * You may opt to install your own certificate at this point, or follow the instructions below.

To create a valid SSL certificate, follow these steps.

Using the openssl command line utility, generate an RSA private key.  The openssl utility is included in the Security Reporting Center distribution, and can be found in /common/apache/bin directory of your Security Reporting Center installation.

  1. Type the following at the command line.

     cd <Install Directory>/common/apache/bin

  2. Run openssl.exe.

  3. At the openssl> prompt, type the following.

    genrsa -des3 -rand ssl.rnd -out server.key 1024

  4. The openssl utility prompts you for a pass-phrase. Save this pass-phrase in a secure location.

    Note: If you want a DSA private key, replace genrsa with gendsa. To encrypt your key with DES rather than 3DES, replace -des3 with -des.

  5. Typically, the Apache Web server prompts for your pass phrase when the server is started. If you want to start Security Reporting Center without manual interventions, perform the following steps.

    • To copy the server key, type the following at the command line.

      copy server.key server.key.org

    • Run openssl.exe

    • At the openssl> prompt, type the following.

        rsa -in server.key.org -out server.key

    • Copy the private key to your Apache installation by typing the following. 

      copy server.key <Install Directory>/common/apache/conf/ssl.key

  6. Create a certificate signing request.

    • Run openssl.exe.

    • Type the following at the OpenSSL> prompt. 

      req -new -config openssl.cnf -key server.key -out server.csr

  7. The openssl utility prompts you for a variety of information. Provide information based on your Security Reporting Center installation. This creates the server.csr file. Send this file to a Certificate Authority for signing.

  8. When you get a response (signed certificate) from the Certificate Authority, copy the response to your Apache installation using the following command.

     copy <signed certificate> <Install Directory>/common/apache/conf/ssl.crt/server.crt

  9. Restart the NetIQ - Apache service. 

To create a valid SSL certificate, follow these steps.

Using the openssl command-line utility, generate an RSA private key.  The openssl command-line utility is included in the Security Reporting Center distribution, and can be found in the following directory.

<Install Directory>/common/apache/bin

  1. At the command line, type the following.

    cd <Install Directory>/common/apache/bin ps -ef > ~/.rnd ./openssl genrsa -des3 -rand ssl.rnd -out server.key 1024

  2. The openssl utility prompts you for a pass-phrase. Save this pass-phrase in a secure location.

    Note: If you want a DSA private key, replace genrsa with gendsa. To encrypt your key with DES rather than 3DES, replace -des3 with -des.

  3. Typically, the Apache Web server prompts you for your pass phrase when the server is started. If you want to start the DCS without manual interventions, use the following steps.

    • Type the following at a command-line.

        cp server.key server.key.org
        openssl rsa -in server.key.org -out server.key

    • To change the mode of the server.key file, type the following.

        chmod 400 server.key

    • To copy the private key to your Apache installation, type the following.

      cp server.key <Install Directory>/common/apache/conf/ssl.key

  4. Create a certificate signing request. Using the openssl command-line utility, type the following.

     ./openssl req -new -config openssl.cnf -key server.key -out server.csr

  5. The openssl utility prompts you for a variety of information. Provide information based on your Security Reporting Center installation. This creates the server.csr file. Send this file to a Certificate Authority for signing.

  6. When you get a response (signed certificate) from the Certificate Authority, copy the response to your Apache installation.

     cp <signed cert.> <Install Directory>/common/apache/conf/ssl.crt/server.crt

  7. Restart Apache with SSL enabled by typing this command. 

    <Install Directory>/common/bin/restartallui.sh

  8. To verify that your SSL-enabled Web server started, type the following.

     ps -elf | grep httpd

  9. If Apache has started, you should see several httpd processes running. If not, look at the <Install Directory>/common/apache/logs/error_log file for indications of the problems.

 

Notes:

With the release of Security Reporting Center 2.1, SSL configuration has changed.  For more information about configuring SSL for version 2.1, please see the following knowledge base article:

https://support.trustwave.com/kb/article.aspx?id=10359

This article was previously published as:
NETIQKB18260

To contact Trustwave about this article or to request support:


Rate this Article:
     
Tags:

Attachments



Add Your Comments


Comment submission is disabled for anonymous users.
Please send feedback to Trustwave Technical Support or the Webmaster
.