Install Custom Certificate on AWS

GigaVUE V Series Node, GigaVUE V Series Proxy, and UCT-V Controllers have default self-signed certificates installed. The communication between GigaVUE-FM and the fabric components happens in a secure way using these default self-signed certificates. However, you can also add custom certificates like SSL/TLS certificates to avoid the trust issues that occur when the GigaVUE V Series Nodes, GigaVUE V Series Proxy, or s run through the security scanners.

You can upload the custom certificate in two ways:

Upload Custom Certificates using GigaVUE-FM

To upload the custom certificate using GigaVUE-FM follow the steps given below:

  1. Go to Inventory > Security > Custom SSL Certificate. The Custom Certificate Configuration page appears.
  2. On the Custom Certificate Configuration page, click Add. The New Custom Certificate page appears.
  3. Enter or select the appropriate information as shown in the following table.

    Field

    Action

    Certificate Name

    Enter the custom certificate name.

    Certificate

    Click on the Choose File Button to upload the certificate.

    Private Key

    Click on the Choose File Button to upload the private key associated with the certificate.

  4. Click Save.

You must also add the root or the leaf CA certificate in the Trust Store. For more detailed information on how to add a root CA Certificate, refer to Trust Store.

The certificates uploaded here can be linked to the respective GigaVUE V Series Node, GigaVUE V Series Proxy, and UCT-V Controller in the Fabric Launch Configuration Page. Refer to Configure GigaVUE Fabric Components in GigaVUE-FM topic in the respective cloud guides for more detailed information.

Upload Custom Certificate using Third Party Orchestration

You can also upload custom certificates to GigaVUE V Series Nodes, GigaVUE V Series Proxy, and UCT-V Controller using your own cloud platform at the time of deploying the fabric components. Refer to the following topics for more detailed information on how to upload custom certificates using third party orchestration in the respective platforms:

For integrated mode:

For generic mode: