forum.opsi.org

hi, I new in OPSI even new with system troubleshooting task.

I do install opsi-vm on our environment, and all look just fine but I notice when I try to use opsi on web browser.
When i browse with chrome/mozilla, the https ( https://<my server IP>:4447 or https://<serverhostname>:4447 )shown not secure. I just follow the instruction during 1st boot installation and on certificate part i do fill will correct details.

So, my question is How to make the https certificate secure?

Qemoo hat geschrieben:So, my question is How to make the https certificate secure?

It shows up as not secure because it is a self-signed cert.
You would have to use your own CA, which you would have to put in every cert store. Or you would use an external CA which is already present in most cert stores.

If other software in your environment also uses a self-signed cert, then I wouldn't bother.

so if i do have my own CA, which part on OPSI server i need to put it?

sorry i'm still newbie

Qemoo hat geschrieben:so if i do have my own CA, which part on OPSI server i need to put it?

in /etc/opsi/opsiconfd.conf you can set the location of your pem file.

okay noted. thanks for your help.

by the way, its is the CA file always in .pem or any like .crt?