How To Create SSL Certificate?

How to Create an SSL Certificate? – Before  We Get Into This Topic, Let’s Learn Some Basics Of This Topic

How to Create an SSL Certificate? – Generate a Key and CSR

Tableau Server can be configured to use Secure Sockets Layer (SSL) encryption to ensure that access to the server is secure and that data exchanged between Tableau Server and Tableau Desktop is secure.

If you’re looking for Tableau Server for Linux, you’ve come to the right place. See SSL Certificate – Generate a Key and CSR for an example (Link opens in a new window).

Apache, which includes OpenSSL, is used by Tableau Server (Link opens in a new window). You may generate a key file and a Certificate Signing Request (CSR) with the OpenSSL toolkit, which may subsequently be used to obtain a signed SSL certificate.

How to make a key and a CSR?

An SSL certificate is required to configure Tableau Server to use SSL. Complete the following procedures to obtain an SSL certificate:

Set the OpenSSL configuration variable in the environment variable OpenSSL (optional).

  • Produce a key file.
  • Make a Request for Certificate Signing (CSR).
  • To obtain an SSL certificate, send the CSR to a certificate authority (CA).
  • Configure Tableau Server to use SSL using the key and certificate.

Additional information is available on the Apache Software Foundation’s SSL FAQ page(Link opens in a new window).

Configure a certificate for multiple domain names

Tableau Server supports multiple domains with SSL. Modify the OpenSSL configuration file, OpenSSL.conf, and configure a Subject Alternative Name (SAN) certificate on Tableau Server to create this environment. Look into it. Modify the OpenSSL configuration file below for SAN certificates.

Set the OpenSSL configuration environment variable (optional)

You can utilize the OpenSSL CONF environment variable to ensure that the right configuration file is used and that all configuration changes performed in later processes in this article achieve expected results without having to use the -config argument with every usage of openssl.exe (for example, you must set the environment variable to add a SAN to your certificate).

Note that the file path should not be enclosed in quotation marks when setting the Open SSL configuration environment variable.

Generate a key

Create a key file to use when creating a certificate signing request.

Navigate to the Apache directory for Tableau Server in the Command Prompt as an administrator. Run the following command, for example:

The key used in this command is 4096 bits long. Because communication encrypted with a less bit length is less safe, you should use a bit length of at least 2048 bits. If no value is specified, 512 bits are used.

To transmit to a certificate authority, create a certificate signing request.

To make the certificate signing request, use the key file you prepared in the previous step (CSR). To receive a signed certificate, you send the CSR to a certificate authority (CA).

Important: If you want to utilize SSL for several domains with a SAN certificate, follow the steps in For SAN certificates: Return to this page to generate a CSR after making changes to the OpenSSL configuration file below.

Create a certificate signing request to send to a certificate authority

An error message appears stating that the configuration information could not be loaded. In this scenario,

Set the OpenSSL configuration environment variable (optional) portion of this article to set an OpenSSL configuration environment variable.

Note: Type the Tableau Server name in the Common Name field. The URL that will be used to access the Tableau Server is the Tableau Server name. Tableau Server’s common name is, for example, if you type into your browser’s address bar. When a browser or Tableau Desktop tries to connect to Tableau Server and the common name does not resolve to the server name, issues will occur.

Use the key and certificate to configure Tableau Server

To get a digital certificate, send the CSR to a commercial certificate authority (CA). See the Wikipedia article Certificate authority (Link opens in a new window) for further information, as well as any related pages that can assist you to pick which CA to employ.

Send the CSR to a certificate authority to obtain an SSL certificate

Tableau Server may be configured to use SSL once you obtain both the key and the certificate from the CA. See Configure External SSL for the steps.

Use the key and certificate to configure Tableau Server

Some aspects of OpenSSL are disabled by default on a normal installation. To use SSL with multiple domain names, follow these steps to edit the OpenSSL.cnf file before generating the CSR.

For SAN certificates: modify the OpenSSL configuration file

  1. Insert the following line after the keyUsage line:
  2. To give the certificate permission to sign the certificate when producing a self-signed SAN certificate, do the following:
  3. To make the keyUsage line appear like this, add the callsign and keyCertSign: nonRepudiation, digitalSignature, key encipherment, callsign, keyCertSign are all examples of keyUsage.
  4. Provide the domain names you want to use with SSL in the [alt names] section.
  5. The findings are indicated in the graphic below, along with placeholder text that you would modify with your domain names.
  6. The file should be saved and closed.
  7. Complete the steps outlined in the section above under “Create a certificate signing request to send to a certificate authority.”