ACME Certificate
The ACME Certificate page allows you to configure the ACME Server URL, thus enabling you to perform the following tasks on the devices managed by GigaVUE-FM:
- Issue and renew certificates
- Delete Certificates
- Audit
You can access the ACME certificate page from GigaVUE-FM as well the devices:
From GigaVUE-FM |
Go to Settings > System > Certificate > ACME Certificate
|
Use this for global configuration of all the devices managed by GigaVUE-FM |
From Devices | Go to Inventory > Node > Settings > Global Settings > ACME Certificate | Use this for configuration of individual devices and clusters. |
Certificate Issuance
To issue a certificate:
Note: You must add the root CA certificate of the ACME server using the CA List page.
- On the left navigation pane, click and select Certificates > ACME Certificate. The ACME Certificate page is displayed.
- Click Actions and select Issue. Enter or select the following details:
-
Click Save.
Field | Description |
ACME Server URL |
The ACME server URL. Note: This field is mandatory. |
Algorithm |
Algorithm. The default algorithm for device in classic mode is rsa-2048. The default algorithm for device in FIPS mode is prime256v1. Note: This field is optional. |
Renewal Days |
The next renewal date. The default renewal days is 1/3rd of the certificate validity period. Note: This field is optional. |
The ACME certificate is added to the list view and displays the following details:
Field | Description |
Cluster Name | The name of the cluster. |
Box Id | The box identifier of the node for which the certificate is issued. |
Domain | The domain name, which will be used as subject name as well as subject alternate name in the certificate. |
ACME URL | ACME URL |
Algorithm | Algorithm |
Next renewal date | The next renewal data. |
Expiry date | The expiry date of the certificate. |
Last request ACME URL | The last request status of the ACME URL. |
Last Request Type | The type of request. |
Last Request Status | The type of status. |
Certificate Renewal
To renew a certificate:
- On the left navigation pane, click and select Certificates > ACME Certificate. The ACME Certificate page is displayed.
- Click Actions and select Renew.
Certificate Deletion
Click Delete Certificate to delete the certificate. The devices will fall back to the default certificate process.
Audit
Appropriate events are captured in the Events page for certificates issuance and renewal process using the ACME client configured in GigaVUE-FM and the devices managed by GigaVUE-FM. The same is added as audit log.