Manage::certificates

POSTED ON 24 August, 2016

The Certificates inventory table is used to manage the SSL certificates and CSR files to be used for the HTTP profile farms with HTTPS listener. It shows the properties of every certificate or Certificate Signing Request.

All the certificates have to be generated as PEM file to be valid for HTTP farms with HTTPS listener. By default a zencert.pem certificate is possible to be used and is not able to be deleted.

These are the description of the fields of the the Certificates Inventory table:

The File field is the certificate name ended with .pem or .csr extension, a descriptive text to identify the certificate in the future.

The Type field. If it is a .pem file, the type will be “Certificate”. If it is a .csr file, the type will be “CSR”.

The Common Name field is the domain common name for what the certificate or csr has been created.

The Issuer field is the Certified Authority that has signed the certificate. Not apply to csr files.

The Created on field. From this date the certificate is active. For a csr file, is the date when the request was made.

The Expires on field. Is the date when the certificate will expire. Not apply to csr files.

The Actions field shows the available options for every certificate or CSR, which could be:

MAIN ACTIONS

  • Upload Certificate: In order to upload a custom certificate it’s necessary to press this button. A new window is shown to upload a custom certificate through the Browse… button on your local computer.

    In order to upload the new certificate file it’s needed to press the Upload button. Automatically, the new file will be accessible for the balancer.

    Then we’re able to select the certificate uploaded to be used for the HTTP farms with HTTPS listener.

    The uploaded certificate file must contain a PEM-encoded certificate, optionally a certificate chain from a known Certificate Authority to your server certificate and a PEM-encoded private key (not password protected).

  • Create new CSR: Clicking this button, you will see the CSR form, so you can create one new CSR to get one new SSL certificate.

    CSR generation

    The fields for this form are:

    • Certificate Name: Give your certificate a name to identify it in the future. Example: ZLBSSL, Zen-SSL, ZLB-certificate, etc.
    • Certificate Issuer: Here you can select the issuer of your certificate
    • Common Name: FQDN of the server. Example: domain.com, mail.domain.com, or *.domain.com.
    • Division: Your department; such as ‘IT’,’Web’, ‘Office’, etc.
    • Organization: The full legal name of your organization/company. Example: Sofintel IT Co.
    • Locality: City where your organization is located.
    • State/Province: State or province where your organization is located.
    • Country: Country (two characters code, example: US) where your organization is located.
    • E-mail Address: Your email.
    • Key size: The size in bits of the key used to generate the CSR.

    At the bottom of the form click the Generate CSR button.

  • Buy SSL Certificate: If you have created a CSR previously, you need to get a new certificate for that CSR. Clicking on this button you will be redirected to the online store where you will find Zen Ready SSL Certificates for your Zen Load Balancer.

COMMON ACTIONS

  • Delete. When you click this button, the certificate or CSR file with this name will be deleted.
  • View. If you click this button, you will see a new window with the properties of the certificate or CSR, followed by the content of the certificate.
  • Download. Clicking on this button you will download the CSR or certificate file in order to can export it to another system.

ONLY CSR ACTIONS

  • Upload Certificate for CSR. Let you upload a certificate created through this CSR. The process is similar to upload a custom .pem certificate, but the certificate can be a .csr or .zip file. Once the certificate is uploaded, the CSR file will not be listed again in the Certificates Inventory. Instead, we will see a new PEM certificate.
Share on:

Documentation under the terms of the GNU Free Documentation License.

Was this article helpful?

Related Articles