Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?


Creating Certificates for McAfee Vulnerability Manager


To connect through the Foundstone Open API, configure third-party certificates with the McAfee Certificate Manager Tool.

If the Certificate Manager Tool is not installed on the McAfee Foundstone Enterprise Manager server, contact McAfee Technical Support.

You must process client-side certificates into valid keystore and truststore files for JSA on the McAfee Foundstone Enterprise Manager server.

The McAfee Foundstone Enterprise Manager server must be compatible with the version of the FIPS-Capable OpenSSL used by the Foundstone Certificate Manager to correctly create the certificates. A Java Software Development Kit (Java SDK) must be present on this server for this processing. To obtain the most recentJava SDK go to the following website:

  1. Log in to the McAfee Foundstone Enterprise Manager server.
  2. Run the Foundstone Certificate Manager.
  3. Click the Create SSL Certificates tab.
  4. Type the host address for JSA.

    The certificate must be created with the host address for the JSA appliance that retrieves vulnerability data from the McAfee Vulnerability Manager.

  5. Optional: Click Resolve.

    If an error occurs when the Foundstone Certificate Manager attempts to resolve the host, type the IP address in the Host Address field . If the host cannot resolve, see Step 7.

  6. Click Create Certificate Using Common Name.
  7. Click Create Certificate Using Host Address.
  8. Save the compressed file that contains the certificate files to a directory on your McAfee Vulnerability Manager.
  9. Copy the pass phrase that is provided to a text file.
  10. Repeat this process to generate any more certificates for managed hosts in your deployment.

You are now ready to process the certificates to create the required keystore and truststore files. See Processing Certificates for McAfee Vulnerability Manager.