Link Search Menu Expand Document

HTTPS Certificate Tab

Administration > General Settings > Setup > HTTPS Certificate

On this tab, you can view the HTTPS server certificate for each appliance. To edit, add, or assign an end entity certificate for a specific appliance, click the edit icon next to the appliance for which you want to add a certificate.

HTTPS Certificate Dialog Box

On this dialog box you select the type of certificate to use with the appliance. By default, EdgeConnect appliances present a self-signed server certificate to any client opening a TLS connection to the appliance web UI. To ensure secure communications, TLS clients will cryptographically verify that a trusted Certificate Authority (CA) issued the EdgeConnect certificate. If you use the default option, Self-Signed Certificate, browsers will show this as not secure; most enterprise IT departments will not allow this. Enterprises must set up an HTTPS server certificate for their EdgeConnect appliances if they intend to use the EdgeConnect web UI directly. However, it is highly recommended to perform all configuration through Orchestrator.

Orchestrator provides two methods to set up an HTTPS server certificate for EdgeConnect appliances. The first is new to release 9.4 where Orchestrator builds end entity certificates. This is the preferred method. With this method the user builds a Certificate Signing Request (CSR) in Orchestrator. As part of this process, Orchestrator creates the public key private key pair. The user downloads and submits the CSR for signing by a Certificate Authority (CA). The signed certificate is then uploaded in Orchestrator for use in one of several applications. The end entity certificate contains a label, which is significant to Orchestrator and allows this certificate to be used by referring to its label.

To use an End Entity Certificate:

NOTE: To use an end entity certificate, you must first create an end entity certificate for use. To do this, see End Entity Certificates Tab.

NOTE: With release 9.4, this must be performed one appliance at a time.

  1. Navigate to Administration > General Settings > Setup > HTTPS Certificate.

  2. Click the edit icon next to the appliance for which you want to add a certificate.

  3. Click End Entity Certificate and then select the end entity certificate from the drop-down menu.

  4. Click Save.

The other method (legacy method) requires everything to be done externally including creating the public key private key pair and creating the CSR. This legacy method is not recommended.

To use a Custom Certificate (legacy method):

  1. Consult with your IT security team to generate a certificate signing request (CSR), and then submit it to your organization’s chosen SSL Certificate Authority (CA).

    • Examples of Certificate Authorities include GoDaddy, Verisign, Comodo, Symantec, Microsoft Entrust, GeoTrust, and so forth.

    • All certificate and key files must be in PEM format.

  2. After the Certificate Authority provides a CA-verified certificate, navigate to Administration > General Settings > Setup > HTTPS Certificate.

  3. Click the edit icon next to the appliance for which you want to add a certificate.

  4. Click Custom Certificate, and then click Upload and Replace.

    The Add HTTPS Certificate dialog box appears.

  5. If your IT security team advises the use of an Intermediate CA, upload an Intermediate Certificate File. Otherwise, skip this file.

  6. Upload the Certificate File from the CA.

  7. Upload the Private Key File that was generated as part of the CSR.

  8. Click Add to close the Add HTTPS Certificate dialog box.

  9. Click Save.


Back to top

© Copyright 2024 Hewlett Packard Enterprise Development LP. The information contained herein is subject to change without notice. The only warranties for Hewlett Packard Enterprise products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. Hewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein. Aruba Networks and the Aruba logo are registered trademarks of Aruba Networks, Inc. Third-party trademarks mentioned are the property of their respective owners. To view the end-user software agreement, go to Aruba EULA.

Open Source Code:

Hewlett Packard Enterprise Company
Attn: General Counsel
WW Corporate Headquarters
1701 E Mossy Oaks Rd Spring, TX 77389
United States of America