Installing certificates for multiple zone servers using external Certificate Authority

  • 7001288
  • 05-Sep-2008
  • 27-Apr-2012

Environment


Novell ZENworks 10 Configuration Management Installation - Server

Situation

Purpose
This document is for the purpose of providing direction on what certificates to use, and how to generate them for the first primary ZCM 10 server, and any additional servers added to the Zone.

Resolution

When using external certificates such as verisign, rapidssl, etc., it is important to follow the instructions in the documentation for generating a private key, and a public key certificate for each server in the zone.  The certificate for the CA is only required for the first server in the zone, with its own private and public keys, all the other servers will need to have there own private and public keys.  The CA will need to sign the .CSR for each server in the zone.

The instructions for doing this are noted below from the documentation heading: Section 2.3.3 Creating External Certificate Authority


Note:  The 3 files mentioned in the documentation will be the result of:
step 3:  Private Certificate
step 6:  Public Certificate
The 3rd file is the CA certificate, which will need to be retrieved from the provider like verisign or rapidssl.  If needed, run the openssl command from step 6 on this certificate to convert to .DER format required by the install.