Enable TLS in the SEM reports application
The Transport Layer Security (TLS) option introduces an extra level of security for data transfers between the SEM reports application and the SEM database. Beginning with SEM 2021.2, TLS for Reports is enabled by default.
See SEM Create regulatory and compliance reports for information about using the SEM reports application.
Beginning with SEM 2022.2, the option to disable TLS was removed.
Enable TLS if disabled
If the SEM database is located on the same VM as the SEM Manager, perform the following steps. This is the most common arrangement.
-
Open the CMC command line.
See Log in to the SEM CMC command line interface for directions.
-
At the
cmc::manager>
prompt, typeexportcert
. -
Follow the prompts to export the SEM Manager CA certificate.
An accessible network share is required. Once the export is successful, you will see the following message:
Exporting CA Cert to
\\server\share\SWICAer -hostname.crt ... Success
. - At the
cmc::manager>
prompt, enterenabletls
. - At the
cmc::manager>
prompt, enterrestart
.
Import a self-signed certificate into the SEM Manager
Use the importcert
command in the CMC to import a signed certificate by any CA into the manager.
-
Open the CMC command line.
See Log in to the SEM CMC command line interface for directions.
-
At the prompt, enter
manager
. -
At the
cmc::manager>
prompt, typeimportcert
. -
Choose the network share path.
-
When prompted, confirm the share name.
-
When prompted for a file name, enter the full name of the certificate, including the CER extension.
-
When completed, the following message appears:
Certificate successfully imported.