This website uses cookies. By continuing to browse or login to this website, you consent to the use of cookies. Learn more.
OK
siemops
Commodore Commodore
Commodore
‎2019-09-30 17:52
601 views

How to "Present the certificate signing request (CSR) to CA (Certificate Authority)" via syslog-ng?

We are trying to obtain logs, via TLS syslog, from Palo Alto's Cortex Data Lake (https://docs.paloaltonetworks.com/cortex/log-forwarding/log-forwarding-app-getting-started/get-started-with-log-forwarding-app/forward-logs-from-logging-service-to-syslog-server.html).

From the ArcSight syslog-ng Smart Connector, running-on CentOS (with OpenSSL installed), I have generated a CSR (Certificate Signing Request) for the syslog-ng Smart Connector.

However, there are _no_ _instructions/documentation_ supplied by Micro Focus on how to _send_ the CSR (Certificate Signing Request) to the Certificate Authority to obtain a signed cert: From Micro Focus's "Syslog NG Daemon Configuration Guide": "Present the certificate signing request to a certificate authority and obtain a signed Syslog NG Daemon certificate." (It does not explain how to "send" the CSR.)


Can you please provide instructions on _how_ to send the CSR to a Certificate Authority (CA) so I can _obtain_ the "signed Syslog NG Daemon certificate"?

 

0 Likes
Reply
Report Inappropriate Content
4 Replies
Ionut Daniel Mosoiu
Fleet Admiral
Fleet Admiral
‎2019-09-30 21:20

Hello,

 

as I understand for this step says that "Present the certificate signing request ( *.csr file ) to a certificate authority and obtain a signed Syslog NG Daemon certificate". Take the *.csr file and send it to a Certificate Authority to be signed.

I think that now it's clear right?

 

Best Regards,

 

Daniel

 

0 Likes
Reply
Report Inappropriate Content
siemops
Commodore Commodore
Commodore
‎2019-10-01 14:14

Hi @Ionut Daniel Mosoiu,

I have the CSR file. What I am seeking is what _tool_ or _utility_ do I _use_ to "Present the certificate signing request (CSR) file to the Certificate Authority" and obtain the signed certificate from the Certificate Authority (CA)?

 

0 Likes
Reply
Report Inappropriate Content
Ionut Daniel Mosoiu
Fleet Admiral
Fleet Admiral
‎2019-10-01 14:22

Hello again,

 

to be honest with this part is not covered because there are so many ways to sign the certificate.

For example, in my lab, I am using openssl.  Here you have some links on how this is working.

https://stackoverflow.com/questions/21297139/how-do-you-sign-a-certificate-signing-request-with-your-certification-authority/21340898

https://www.digitalocean.com/community/tutorials/openssl-essentials-working-with-ssl-certificates-private-keys-and-csrs

https://www.itsfullofstars.de/2017/02/openssl-ca-to-sign-csr-with-sha256-sign-csr-issued-with-sha-1/

 

all the best,

 

Daniel

0 Likes
Reply
Report Inappropriate Content
kzamuda
Micro Focus Expert
Micro Focus Expert
‎2019-10-01 14:29

Hi,

You can use any CA to do that, such as digicert or GoDaddy or any other you prefer. See more details here:
https://www.beyondtrust.com/docs/remote-support/how-to/sslcertificates/create-ca-signed.htm

I hope this helps.

Regards,
Kresimir
0 Likes
Reply
Report Inappropriate Content
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.