I'm new to UCS Director and wanted to ask what's the process to import the Root and Intermediate certificate for a corporate CA servers.
I have checked the guide but there's not much in terms of process outlined.
You can import a CA signed certificate or self-signed certificate using the Import CA/Self-Signed Certificate option.
Step 1 From the Cisco IMC Supervisor Shell menu, choose the Importing CA/Self-Signed Certificate option and press Enter.
The following information is displayed:
Domain Name [localdom]:
Step 2 Enter the domain name and press Enter.
By default the shell menu selects the domain name of the local appliance that is configured.
Enter CA/self-signed certificate [/opt/certs/localdom.pem]:
Step 3 Enter the path to the CA signed certificate or self-signed certificate, and press Enter.
Enter private key [/opt/certs/localdom.key]:
Step 4 Enter the path to the private key and press Enter.
Enter keystore password:
Step 5 Enter the Java KeyStore (JKS) password and press Enter.
Information similar to the following is displayed
Exporting /opt/certs/localdom.pem to PKCS12 format....
Converting PKCS12 to JKS format...
Importing /opt/certs/keystore.jks into tomcat for secured access to UCSD UI using HTTPS.
Certificate /opt/certs/keystore.jks imported to tomcat succesfully.
Do you want to import the certificate file:///opt/certs/localdom.pem into WebProxy for secured access to VM console through VNC [y/n]?:
Step 6 Enter y and press Enter to import the certificate file into WebProxy for secured access to the VM console through VNC.
Certificate file:///opt/certs/localdom.pem imported to WebProxy succesfully.
Press return to continue ...
Above is from the Documentation. Couple of questions I had.
1) As per the title, we use root and intermediate certs. Is there an order ie intermediate then root in the pem file or vice versa?
2) Of course I won't have the private key of the root and intermediate servers so do I have to repeat the process when importing the CA signed certificate for the host?
3) Could someone let me know what's this Java KeyStore (JKS) password and if this is just blank initially?
Would appreciate some help on setting up the signed cert for the UCS D portal.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: