Documentation forSecurity Event Manager

Enable TLS in the SEM reports application

The Transport Layer Security (TLS) option introduces an extra level of security for data transfers between the SEM reports application and the SEM database. Beginning with SEM 2021.2, TLS for Reports is enabled by default.

See SEM Create regulatory and compliance reports for information about using the SEM reports application.

Beginning with SEM 2022.2, the option to disable TLS was removed.

Enable TLS if disabled

If the SEM database is located on the same VM as the SEM Manager, perform the following steps. This is the most common arrangement.

  1. Open the CMC command line.

    See Log in to the SEM CMC command line interface for directions.

  1. At the cmc::manager> prompt, type exportcert.

  2. Follow the prompts to export the SEM Manager CA certificate.

    An accessible network share is required. Once the export is successful, you will see the following message:

    Exporting CA Cert to \\server\share\SWICAer -hostname.crt ... Success.

  3. At the cmc::manager> prompt, enter enabletls.
  4. At the cmc::manager> prompt, enter restart.

Import a self-signed certificate into the SEM Manager

Use the importcert command in the CMC to import a signed certificate by any CA into the manager.

  1. Open the CMC command line.

    See Log in to the SEM CMC command line interface for directions.

  2. At the prompt, enter manager.

  3. At the cmc::manager> prompt, type importcert.

  4. Choose the network share path.

  5. When prompted, confirm the share name.

  6. When prompted for a file name, enter the full name of the certificate, including the CER extension.

  7. When completed, the following message appears:

    Certificate successfully imported.