Controller Certificate Management¶
Aviatrix Controller uses a self-signed certificate by default. That is why you see “Not Secure” at the browser. You can make it secure by importing a signed certificate.
There are two methods to accomplish this:
- Import a Certificate with Key
- Generate CSR and Import a Certificate
Import Certificate with Key¶
This is the preferred approach compared to the next approach detailed below. Simply import ca.crt, server.crt and server.key to the Controller and you are done. In this method, the private key file server.key must match the server.crt.
Generate CSR and Import Certificate¶
In this approach, you generate a .csr file, get it signed, and then import to the controller.
Step 1. Generate the CSR file¶
After this step is executed, the csr is downloaded to your local host. A new popup window should appear to ask for CA cert. You should take this csr to a sign authority to get it signed and in return, you will get two files: ca cert and server cert.
Step 2. Import CA cert¶
When you obtain the CA cert, import/upload to the new pop up window, as shown below.
Step 3. Import Server cert¶
After CA cert is imported, a new pop up window appears for you to upload the server certificate, as shown below.
If everything works, you now have a signed certificate on the Controller!