Manage Certificates

On the Manage Certificates page, you can:

  • Add certificate authorities (CA) to the BeyondInsight for Unix & Linux trusted certificate pool
  • Upload server and client certificates for remote connections
  • Generate certificate signing requests

Add a Certificate Authority

An uploaded CA is added to the BeyondInsight for Unix & Linux trusted certificate pool.

When BeyondInsight for Unix & Linux connects to a remote service, a trusted CA in the BIUL database is added to the trusted certificate pool for that connection.

To add a CA:

  1. Select Settings > Certificates.
  2. Select Add Certificate > Upload a Certificate Authority.
  3. Select the arrow and navigate to the .pem file location.
  4. Click Upload File.

A CA can be removed when no longer required.

An uploaded CA is added to Solr during deployment or adoption actions for the Solr instance.

For more information, please see Install and Manage Solr.

Upload Certificates

When deploying a Solr instance or assigning a log server, BeyondInsight for Unix & Linux searches the host for a certificate with the same name (wildcards supported). If found, that certificate is used for the host. Otherwise, BeyondInsight for Unix & Linux generates a certificate using the BeyondInsight for Unix & Linux CA.

  1. Select Settings > Certificates.
  2. Select Add Certificate > Upload Existing Certificate.
  3. Select the host to copy the certificate to.
  4. Select a certificate type.
  5. Select the arrow and navigate to the certificate file location.
  6. Click Upload Files.

Create a Certificate Signing Request

You can create a request to sign a certificate by a CA. After the certificate is signed, you can upload to the host.

To request a signed certifcate:

  1. Select Settings > Certificates.
  2. Select Add Certificate > Create Certificate Signing Requests.
  3. Fill out the form with details, including host, common name, organization, and organization email.
  4. Select a certificate type: client or server.
  5. Select a SAN type: DNS Name, IP address, or email address.
  6. Click Create.

Pending status for certifcate signing requests in BeyondInsight for Unix & Linux

  1. After the request is created, you can view the Pending status for the request.

 

  1. Select the menu for the certificate and select Certificate Details.
  2. Click Download as PEM. After the certificate is signed, upload the certificate to complete the request.

Certificate Expiry

A warning icon indicates a certificate is expiring soon or is already expired.