Secure Sockets Layer Certificates
To establish a secure connection with a website or other server, the server presents a certificate to authenticate its identity. Certificates are an important component of Secure Sockets Layer (SSL) because they prevent others from impersonating a secure website or server.
The following types of certificates are supported:.
- Array certificate chain: Generated when the array is first started.
- Group certificate chain: Generated when the array is configured as a group leader.
- Custom certificate chain: (SSL Certificate) Either a self-signed certificate or a certificate generated by exporting the Certificate Signing Request (CSR) and then signing and importing the root certificate authority (CA) and signed certificates. This is the most secure type of certificate.
- Information about the key
- The identity of its owner
If the signature is valid, and the person examining the certificate trusts the signer, then they know that it is safe to use that key to communicate with its owner.
To get an SSL certificate, you must create a Certificate Signing Request (CSR). Then, you send the CSR data file to the CA and the response that you receive from the CA is your SSL certificate. This SSL certificate is the intermediate chain public key and you import the key through the GUI or CLI.
After you receive the certificate and install it on your server, the identity of your server can be authenticated.
You can also import a trusted certificate.