Create a self-signed certificate for the gsa, Firefox, Chrome – Google Search Appliance Connectors Administration Guide User Manual
Page 20: Openssl (command line)
●
●
Turn on security with the server.secure property
Create a self-signed certificate for the GSA
For information about creating a self-signed certificate for the search appliance, see the
GSA Admin Console help page for
To get the GSA's freshly-created certificate to add it as a trusted host for the connector,
follow the procedure for your preferred browser or the command line.
Firefox
1. Navigate to the GSA's secure search: https://gsahostname/.
A warning page appears with the following message: "This Connection is Untrusted."
This message appears because the certificate is self-signed and not signed by a
trusted Certificate Authority.
2. Click, "I Understand the Risks" and "Add Exception."
3. Wait until the "View..." button is clickable, then click it.
4. Change to the "Details" tab and click "Export...".
5. Save the certificate in your connector's directory with the name "gsa.crt".
6. Click Close and Cancel to close the windows.
Chrome
1. Navigate to the GSA's secure search: https://gsahostname/.
A warning page appears with the following message: "The site's security certificate is
not trusted!" In the location bar, there should be a padlock with a red 'x' on it.
2. Click the padlock and then click "Certificate Information."
3. Change to the "Details" tab and click "Export...".
4. Save the certificate in your adaptor's directory with the name "gsa.crt".
5. Click Close and Cancel to close the windows.
OpenSSL (command line)
1. Execute the following command:
openssl s_client -connect gsahostname:443 < /dev/null
2. Copy the section that begins with -----BEGIN CERTIFICATE----- and ends with
-----END CERTIFICATE-----
(including the BEGIN and END CERTIFICATE
portions) into a new file.
3. Save the file in your connector's directory with the name "gsa.crt".