Link Search Menu Expand Document

HTTPS Certificate Template

On this template you select the type of certificate to use for EdgeConnect appliances within a template group. There are three options to set up an HTTPS certificate for appliances using templates.

  • End Entity Certificate: This is the recommended option. It automates certificate enrollment using an EST server and globally orchestrated end entity profiles if the profile Purpose is set to “TLS Server”.

  • Custom Certificate: This is a legacy option. You install your own custom certificate from a CA certificate authority.

  • Self Signed Certificate: This is the default option. Browsers will not show this as secure, and most IT departments will now allow this. If your enterprise intends to use the EdgeConnect web UI directly, you need to use one of the other options.

To use an end entity certificate (recommended):

Before configuring the HTTPS template to use an end entity certificate, you must first add an EST server profile and create an appliance end entity profile with a Purpose of “TLS Server”. If you have not created an appliance end entity profile, see End Entity Certificates Tab. After you have completed the profile, proceed with the following steps.

  1. Navigate to Configuration > Templates & Policies> Setup > Templates.

  2. Select the template group.

  3. If the HTTPS Certificate template is not active, click Show All and drag the template to the Active Templates column.

  4. Click End Entity Certificate.

  5. Select an appliance end entity profile from the drop-down menu.

  6. Click Save to apply the template changes to the template group.

To use a custom certificate (legacy method):

  1. Consult with your IT security team to generate a certificate signing request (CSR) and submit it to your organization’s chosen SSL Certificate Authority (CA).

    • Examples of Certificate Authorities include GoDaddy, Verisign, Comodo, Symantec, Microsoft Entrust, GeoTrust, and so forth.

    • All certificate and key files must be in PEM format.

  2. After the Certificate Authority provides a CA-verified certificate, navigate to Configuration > Templates & Policies> Setup > Templates.

  3. Select the template group.

  4. If the HTTPS Certificate template is not active, click Show All and drag the template to the Active Templates column.

  5. Click Custom Certificate, and then click Upload and Replace.

    The Add HTTPS Certificate dialog box appears.

  6. If your IT security team advises the use of an Intermediate CA, upload an Intermediate Certificate File. Otherwise, skip this file.

  7. Upload the Certificate File from the CA.

  8. Upload the Private Key File that was generated as part of the CSR.

  9. Click Add to close the Add HTTPS Certificate dialog box.

  10. Click Save to apply the template changes to the template group.


Back to top

© Copyright 2024 Hewlett Packard Enterprise Development LP.

To view the end-user software agreement, go to HPE Aruba Networking EULA.

Open Source Code:

This product includes code licensed under certain open source licenses which require source compliance. The corresponding source for these components is available upon request. This offer is valid to anyone in receipt of this information and shall expire three years following the date of the final distribution of this product version by Hewlett Packard Enterprise Company. To obtain such source code, please check if the code is available in the HPE Software Center at https://myenterpriselicense.hpe.com/cwp-ui/software but, if not, send a written request for specific software version and product for which you want the open source code. Along with the request, please send a check or money order in the amount of US $10.00 to:

Hewlett Packard Enterprise Company
Attn: General Counsel
WW Corporate Headquarters
1701 E Mossy Oaks Rd Spring, TX 77389
United States of America