The first step is to generate the CSR, which will be displayed on the screen and can be copied into the Certificate Authority (CA) to request the certificate.
Note: Avoid using CTRL+C, as the terminal may log out.
CSR Creation on Controller A
create certificate-signing-request subject "/C=US/ST=NY/L=NewYork/O=ExampleCorp/OU=IT/CN=pvm-controllerA.example.com" extensions "/subjectAltName=DNS:pvm-controllerA.example.com,DNS:pvm-controllerA,DNS:pvm-controllerB.example.com,DNS:pvm-controllerB" CSR Creation on Controller B
create certificate-signing-request subject "/C=US/ST=NY/L=NewYork/O=ExampleCorp/OU=IT/CN=pvm-controllerB.example.com" extensions "/subjectAltName=DNS:pvm-controllerB.example.com,DNS:pvm-controllerB,DNS:pvm-controllerA.example.com,DNS:pvm-controllerA" Upload Procedure via SFTP
Use a Linux system with the necessary certificates.
Perform the operation on the controllers one at a time, restarting the service on each controller after completing the operation.
Connection to Controller A
sftp -P 1022 Admin@pvm-controllerA.example.com Upload the certificates:
put controllerA.cer cert-file:usr put RootCA_Example.cer cert-file:trust Activate the certificates and restart the service:
activate certificate service web usr_cert_a restart mc a full Connection to Controller B
After Controller A is fully operational, repeat the procedure for Controller B:
sftp -P 1022 Admin@pvm-controllerB.example.com Upload the certificates:
put controllerB.cer cert-file:usr put RootCA_Example.cer cert-file:trust Activate the certificates and restart the service:
activate certificate service web usr_cert_b restart mc b full Removing Certificates
If needed, remove the certificates from the controllers using the following commands:
remove certificate usr_cert_a remove certificate usr_cert_b Note: This procedure includes Subject Alternative Names (SANs) for both controllers, ensuring a seamless configuration even after restarts.
Visit our FAQ for more information Get more info about Goline