DEV Community

Lulu
Lulu

Posted on

How to Replace the Default Self-Signed Certificate on SafeLine WAF

The SafeLine management platform comes with a self-signed certificate by default. While functional, it triggers a security warning each time you access the platform, requiring an extra click to bypass. If you'd prefer to use a trusted certificate, here's how you can make the switch.

Preparation

Ensure you have a trusted certificate and its corresponding private key file ready.

Implementation

1.Connect to the Server: Access the server hosting your SafeLine installation and navigate to the directory where the certificates are stored:

   cd /data/safeline/resources/management/certs
Enter fullscreen mode Exit fullscreen mode

2.Backup the Default Certificate: It's always a good practice to back up the existing certificate before making changes. Run the following commands:

   mv server.crt server.crt-2023-08-11
   mv server.key server.key-2023-08-11
Enter fullscreen mode Exit fullscreen mode

3.Replace with Trusted Certificate: Copy your trusted certificate and private key to this directory, and rename them as follows:

   mv your_certificate.crt server.crt
   mv your_private_key.key server.key
Enter fullscreen mode Exit fullscreen mode

Image description

4.Restart SafeLine Services: To apply the changes, restart the SafeLine services. If you're unsure which specific Docker container is running SafeLine, you can restart all SafeLine-related Docker containers:

   docker restart $(docker ps -q --filter "name=safeline")
Enter fullscreen mode Exit fullscreen mode

Image description

Verification

After restarting the services, access the SafeLine WAF management interface in your browser. You should now see that the platform is using the trusted certificate without triggering a security warning.

Image description

Website: SafeLine

Discord: Join Our Community

Top comments (0)