IBM QRadar

Hi all,

I'm currently trying to install a wildcard ssl certificate in our IBM QRadar instance.

When I copy the certificate to /etc/httpd/conf/certs/ and run /opt/qradar/ca/bin/install_qradar_ssl_cert.sh, the fqdn is automatically taken over by the system as Subject: CN/DNS, even though this is not stated in the certificate.

When I try to install the certificate with the /opt/qradar/bin/install-ssl-cert.sh script, I get the following error:

[install-ssl-cert.sh] ERROR: my.qradar.hostname.local is missing from /root/cert/wildcard_cert/wildcard.cer
[install-ssl-cert.sh] ERROR: Certificate validation failed

Are wildcard certificates generally not supported or is there another way?
Unfortunately I could not find anything in the documentation.

Hello Phillip, 

Is this FQDN part of your wildcard cretificate?

openssl x509 -text -noout -subject -issuer -in /root/cert/wildcard_cert/wildcard.cer |tail -2

Regards

Hi all,

I'm currently trying to install a wildcard ssl certificate in our IBM QRadar instance.

When I copy the certificate to /etc/httpd/conf/certs/ and run /opt/qradar/ca/bin/install_qradar_ssl_cert.sh, the fqdn is automatically taken over by the system as Subject: CN/DNS, even though this is not stated in the certificate.

When I try to install the certificate with the /opt/qradar/bin/install-ssl-cert.sh script, I get the following error:

[install-ssl-cert.sh] ERROR: my.qradar.hostname.local is missing from /root/cert/wildcard_cert/wildcard.cer
[install-ssl-cert.sh] ERROR: Certificate validation failed

Are wildcard certificates generally not supported or is there another way?
Unfortunately I could not find anything in the documentation.

Hallo Comghall,

the FQDN of our system is not in the wildcard cretificate.

Regards

Hello Phillip, 

Is this FQDN part of your wildcard cretificate?

openssl x509 -text -noout -subject -issuer -in /root/cert/wildcard_cert/wildcard.cer |tail -2

Regards

Hi all,

I'm currently trying to install a wildcard ssl certificate in our IBM QRadar instance.

When I copy the certificate to /etc/httpd/conf/certs/ and run /opt/qradar/ca/bin/install_qradar_ssl_cert.sh, the fqdn is automatically taken over by the system as Subject: CN/DNS, even though this is not stated in the certificate.

When I try to install the certificate with the /opt/qradar/bin/install-ssl-cert.sh script, I get the following error:

[install-ssl-cert.sh] ERROR: my.qradar.hostname.local is missing from /root/cert/wildcard_cert/wildcard.cer
[install-ssl-cert.sh] ERROR: Certificate validation failed

Are wildcard certificates generally not supported or is there another way?
Unfortunately I could not find anything in the documentation.