[VIPEG] VIPEG SSL Certificate and SAN(Subject Alternate Name)
Article ID: 202609
Updated On:
Products
Issue/Introduction
After VIPEG is installed SSL Certificate need to be installed.
But "Create SSL Certificate" section does not provide an input field for SAN.
Environment
Release : 9.9
Component : VIPEG
Resolution
When submitting the CSR (generated from VIPEG) to your Certificate Authority, you can provide them with the SAN(Subject Alternate Names) so they can issue the certificate with those SAN values.
In case if you are using "Microsoft Active Directory Certificate Services" then you can follow the steps below.
This is just for Proof of Concept purpose. Any issue you encounter, you will need to work with your System/Infrastructure/PKI Administrator to resolve.
1. Logon to MSADCS and download the CA Certificate(and its chain if applicable).
2. Import the CA Certificate(and its chain if applicable) to VIPEG.
3. Generate CSR from VIPEG
4. Submit CSR to MSADCS using "Web Server" template. Add the SAN value at this point!
You may have multiple FQHN(Fully Qualified Host Name) and even IP address to access your VIPEG.
For multiple values you can use ampersand to separate them as demonstrated below.
san:dns=vip.kimlabs.net&dns=ssp.kimlabs.net&dns=mfa.kimlabs.net
5. Import the certificate into VIPEG and set HTTPS.
6. Restart VIPEG and test.
Additional Information
Please vote for this enhancement request: https://community.broadcom.com/participate/ideation-home/viewidea?IdeationKey=211d74cf-743f-4a0b-90fb-ac9faa512d80
Attachments
Feedback
