(3 votes, average: 5.00 out of 5)
Loading...How to Generate a CSR on Tableau Server?
(3 votes, average: 5.00 out of 5)Loading...
If you want to secure your Tableau Server using an SSL Certificate issued by a trusted Certificate Authority, you will need to generate a Certificate Signing Request (CSR).
A CSR is a file that contains information about your Tableau Server and Public Key used by the Certificate Authority (CA) to sign your SSL certificate. This guide will show you how to easily generate a CSR with OpenSSL as an administrator.
Prerequisites
First things first, make sure you have everything you need:
- You have installed and are running Tableau Server.
- You have administrative access to the hosting machine.
- OpenSSL is installed on your machine (it is bundled with Tableau Server via Apache);
- You have created a valid Fully Qualified Domain Name (FQDN) for your Tableau Server
- You have permission to write to the Tableau Server Apache directories.
- Also, familiarity with the command line will help.
Generate a CSR on Tableau Server for Windows
To create your CSR and private key files, follow these instructions:
Step 1: Open Command Prompt
Sign in as an administrator, then launch the Command Prompt.
Step 2: Navigate to the Apache bin directory for Tableau Server
The default directory looks like this:
C:\Program Files\Tableau\Tableau Server\packages\apache. <version_code>\binWhere you replace with the build number from your Tableau Server (example: 20183.18.1128.2033).
Step 3: Create the Private Key File
Run the command below to create your private key file :
openssl req -new -key yourcertname.key -out yourcertname.csr -config ../conf/openssl.cnfStep 4: Generate Your CSR Code
With the private key file you created in step 3, run the command below to generate your CSR code :
openssl.exe req -new -key yourcertname.key -out yourcertname.csrIf you see a warning about the directory usr/local/ssl not being found, please disregard it, as this directory does not exist on Windows.
If you receive an error saying that the configuration file cannot be loaded, you must set the OpenSSL configuration variable and rerun the CSR code command with the following argument :
- ..\conf\openssl.cnfStep 5 Fill in your details
The OpenSSL utility will create a form for you to fill in with your information. You will be required to complete the following fields:
- Country Name (2-letter code): Type in the two-letter code of your country. For example, the US.
- State or Province Name: Type the full name of the state in which your company is registered. For example, California.
- Locality Name: The city your business is located in. For example, San Francisco.
- Organisation Name: Type the full legal name of your business. For example, Your Company LLC. Leave this field blank for DV.
- Organisational Unit Name: This field has been deprecated; leave it blank.
- Common Name: Type the URL where you will connect to Tableau Server. For example, if you are accessing Tableau through yoursite.com, then this is your Common Name.
- Email Address: You will need to enter a valid email address.
- Extra Attributes: Leave these blank.
Congratulations! You have generated your CSR code!
Generate a CSR on Tableau Server for Linux
To create CSR and Private Key Files, use these steps.
Step 1: Change to the Apache Bin Directory
For the Tableau Server, change to the Apache bin directory as shown below:
/opt/tableau/tableau_server/packages/apache.<version_code>/binNote: The version_code attribute should contain the build number of your server. For example – 20183.18.1128.2033.
Step 2: Create Your Private Key File
Use the following command to create your Private Key file:
openssl genrsa -out <yourcertname>.key 2048Step 3: Create Your CSR Code
Use the following command to create your CSR Code:
openssl req -new -key yourcertname.key -out yourcertname.csr -config ../conf/openssl.cnfStep 4: Fill in your Information
You will now be prompted by OpenSSL to provide some personal information related to your contact information. The items that you need to provide are:
- Country Name (2-letter code) – Enter your two-letter country code (For example: CA for Canada).
- State or Province Name – Enter the complete name for the state in which your organization is located (For example: Ontario).
- Locality Name – Enter the complete name of the city in which your organization resides (For example: Ottawa).
- Organization name – Enter the full legal business name of your organization (For example: Your Company LLC). If you are creating a DV, please leave this field blank.
- Organizational Unit Name – This field is now deprecated and should be left blank.
- Common Name – Enter the URL(s) through which you will connect to the Tableau Server (For example: If you connect through yoursite.com, this is your common name).
- Email Address – Enter a valid email address.
- Extra Attributes – Leave these fields blank.
Next Step: How to Install an SSL Certificate on Tableau?
Conclusion
You can create a CSR (certificate signing request) on Tableau Server to set up secure communication through SSL/TLS encryption for your server.
The main consideration here is preparation (fixing any errors) and having a well-defined process to help ensure that you validate your server identity, and also secure all of the information being transferred between clients and the Tableau server.
After you receive the certificate from submitting the CSR, you will be able to continue configuring the SSL to protect your data as well as provide additional layers of compliance and trust for users of your analytic services.
