For SAM to use a custom certificate, first it is required to install the certificate in the Snare central server, once the certificate has been installed, restart SAM so the new certificate can be detected and then go to SAM UI to "Settings"->"General->"Agent HTTPS Certificate" option and choose the certificate from the selection list.
To install the certificate the procedure is as follows:
Given a CA certificate file foo.pem, follow these steps to install it on Snare Central:
Create a directory for extra CA certificates in
/usr/local/share/ca-certificates:sudo mkdir /usr/local/share/ca-certificates/SAM
Copy the CA
.pemfile to this directory:sudo cp foo.pem /usr/local/share/ca-certificates/SAM/foo.pem
Let Snare Central add the
.pemfile's path relative to/usr/local/share/ca-certificatesto/etc/ca-certificates.conf:sudo update-ca-certificates
Restart SAM:
sudo /etc/init.d/snare restart
Go to SAM UI to “Settings” → “General”
Choose the correct certificate in “Agent HTTPS Certificate”