Controller Certificate Management

Aviatrix Controller uses a self-signed certificate by default. That is why you see “Not Secure” at the browser. You can make it secure by importing a signed certificate.

There are two methods to accomplish this:

  • Import a Certificate with Key
  • Generate CSR and Import a Certificate

Import Certificate with Key

This is the preferred approach compared to the next approach detailed below. Simply import ca.crt, server.crt and server.key to the Controller and you are done. In this method, the private key file server.key must match the server.crt.

Generate CSR and Import Certificate

In this approach, you generate a .csr file, get it signed, and then import to the controller.

Step 1. Generate the CSR file

gen_csr

After this step is executed, the csr is downloaded to your local host. A new popup window should appear to ask for CA cert. You should take this csr to a sign authority to get it signed and in return, you will get two files: ca cert and server cert.

Step 2. Import CA cert

When you obtain the CA cert, import/upload to the new pop up window, as shown below.

ca.crt

Step 3. Import Server cert

After CA cert is imported, a new pop up window appears for you to upload the server certificate, as shown below.

server_crt

If everything works, you now have a signed certificate on the Controller!