CUC CA signed Multi SAN certificate and self signed certificate

geeta.kumari1 · ‎04-04-2018

Hi All,

We have a CUC where in we have CA signed Multi SAN certificate added. We have removed the self signed certificate ( tomcat-trust ) once they have expired but we can see the self signed tomcat trust certificates are regenerated automatically.

So does it means that self-signed certificates will be always available even though we are using CA certificate.

I have checked the serial number of the " show web-security" and the regenerated self signed certificate which dose not matches , so i believe these are not used by the CUC.

Can anyone please share view on this to better understand the certificate concept.

Regards,

Geeta

Jaime Valencia · ‎04-04-2018

You can only have ONE active certificate per service, you can have multiple x-trust certifcates per service.

HTH

java

if this helps, please rate

geeta.kumari1 · ‎04-04-2018

Hi Java,

If the main CA signed certificate is active, then the X-trust certificate of CA will be also in used I guess.

Also, when we delete the X-trust self signed certificate which are expired, then does the server regenerates automatically and are they anywhere required in any process.

Regards,

Geeta

Jaime Valencia · ‎04-04-2018

What version is this?

Can you post a screenshot of what you see?

Looking at my 12.0 I only see the certificates signed by my CA, even if a couple of them say "self-signed" in the type column, the issued by shows my CA.

HTH

java

if this helps, please rate