This example uses an internal Windows 2016 Certificate Authority.
Download the root CA certificates from the CA
1) Navigate to the CA, https://ca/CertSrv | "Download a CA certificate, certificate chain, or CRL" | Select DER encoding, and select "Download CA certificate"
Install the root CA certificates into TPAM
1) From TPAM /admin interface | Keys | TPAM Trusted CA Certs | Select File | Select the CA cert (from step 7) | Click Upload | Select "Import Certificate"
Repeat for any intermediate CAs in the chain. The trusted CA certificates will automatically be replicated to any replicas in the cluster.
Generate a web certificate request from the TPAM Primary
1) From TPAM /admin interface | Keys | Web Certificate Request
2) Complete the fields on the "Generate Web Certificate Request" page and click Generate
3) Click "Download File" and save the Certificate Request File (.req) file to your desktop.
NOTE: The certificate generated by the Certificate Authority (.CER file) is specific to the request file (.REQ file) that was used to generate it.
Request a certificate from the CA
1) Navigate to the CA, https://ca/CertSrv
2) Select "Request a certificate" | Select "advanced certificate request" | Select "Submit a certificate request by using a base-64-encoded CMC or PKCS #10 file, or submit a renewal request by using a base-64-encoded PKCS #7 file." | Copy in ALL the text from the certificate request file (from step 3)
3) Change "Certificate Template" to "Web Server" | Click Submit
4) Select "DER encoded" and click "Download Certificate"
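Because the issued .CER is specific to the .REQ it was generated from, the pairing can be checked on the workstation before the upload. The script below is an added example, not part of the original article or of TPAM; it assumes the openssl command-line tool is installed, and the file names and the tpam.example.test subject are constructed samples.

```shell
#!/bin/sh
# Added example: confirm that a DER-encoded certificate was issued for a
# given request file by comparing the public keys embedded in each.

# Returns 0 when the keys match, 1 when they differ,
# 2 when either file cannot be parsed.
cert_matches_request() {
    req_file=$1
    cer_file=$2
    # The request file is base-64 PKCS #10 text.
    req_key=$(openssl req -in "$req_file" -noout -pubkey 2>/dev/null) || return 2
    # The certificate downloaded from the CA in this procedure is DER encoded.
    cer_key=$(openssl x509 -inform DER -in "$cer_file" -noout -pubkey 2>/dev/null) || return 2
    [ -n "$req_key" ] && [ -n "$cer_key" ] || return 2
    [ "$req_key" = "$cer_key" ]
}

# Constructed sample: a throwaway key, request and self-signed DER
# certificate standing in for the TPAM .req and the CA-issued .cer.
make_sample() {
    base=$1
    openssl req -new -newkey rsa:2048 -nodes -subj "/CN=tpam.example.test" \
        -keyout "$base.key" -out "$base.req" 2>/dev/null &&
    openssl x509 -req -in "$base.req" -signkey "$base.key" -days 1 \
        -outform DER -out "$base.cer" 2>/dev/null
}

# Runs the check on a matching pair and on a certificate from another request.
demo() {
    dir=$(mktemp -d) || return 2
    if ! { make_sample "$dir/first" && make_sample "$dir/second"; }; then
        rm -rf "$dir"
        return 2
    fi
    cert_matches_request "$dir/first.req" "$dir/first.cer" && same=0 || same=$?
    cert_matches_request "$dir/first.req" "$dir/second.cer" && other=0 || other=$?
    rm -rf "$dir"
    echo "matching pair: $same, mismatched pair: $other"
}

demo
```

A non-zero result for the real files means the .CER was issued for a different request and should not be uploaded.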
Installing the certificate onto the Primary
1) From TPAM /admin interface | Keys | Web Certificate Request | Click Select File | Select the .CER certificate file from above | Click Upload | Select "Install Web Certificate"
Replicas
This certificate will not be replicated to the replica(s). To generate a new CSR and then add a web certificate to a replica, the replica must be in failed-over mode.
To fail over a replica:
1. Log on to the /admin interface of the primary appliance.
2. Select System Status/Settings | Cluster Management from the menu.
3. Select the cluster member to force the failover to.
4. Click the Force Failover button.
5. Click the Continue with Change button on the confirmation window.
6. Click the "Cluster Status" tab to verify that the appliance has the mode of “FailedOver”. This may take a few minutes. Click the "Cluster Status" tab to refresh the page.
7. Click the Home button.