The process of setting up
TLS on UNIX involves setting up Digital Certificates. The following are steps that you
need to take and information that you need to know to request digital certificates
and to add the certificates to a CA
trust list of certificates.
In
the third maintenance release of SAS 9.4, the process
for adding certificates to the trusted CA list has been made easier.
You can now use the SAS Deployment Manager at SAS installation to
add your existing digital certificates to the Trusted Certificate
Bundle of Mozilla certificates (trustedcerts.pem).
For more information,
see Add Your Certificates to the Trusted CA Bundle.
Here is much of the
process that needs to happen to set up digital certificates:
-
If your server comes with an instance
of OpenSSL, locate that directory. You will need that information
to set UNIX environment variable OPENSSL_CONF=.
-
Create a system (database or other)
to keep track of your signed certificates.
-
Create an openssl.cnf file. This
is optional. This file stores the locations of your CA keys.
For a partial example
of this file, see Example of an OpenSSL.cnf File .
-
-
-