Register and Update the BeyondTrust Virtual Appliance
The BeyondTrust update server will not recognize the new appliance, nor can you browse to the public site or the /login interface, until you have completed the tasks in this section.
- Obtain an SSL certificate that matches your DNS name. Upload the certificate to your appliance and assign it to an IP address.
For detailed instructions, please see the SSL Certificate Guide.
An overview of the process is given below.
- Log into the BeyondTrust /appliance interface and create a certificate signing request (CSR) or self-signed certificate.
If the Secure Remote Access Appliance will be using a copy of the certificate from another Secure Remote Access Appliance or server, no CSR or self-signed certificate is necessary. Instead, export the certificate with its private key from the system on which it currently resides and import it to the Secure Remote Access Appliance.
- Send BeyondTrust Technical Support a copy of the SSL root certificate or appliance DNS address. Also send a screenshot of the /appliance > Status > Basics page.
If a self-signed certificate is used, the certificate serves as its own root certificate, and therefore, the self-signed certificate should be sent to BeyondTrust Technical Support. If a CA-signed certificate is used, contact the CA for a copy of their root certificate. If you have trouble contacting the CA, articles to assist with obtaining your root certificate can be found at www.beyondtrust.com/support. In either case, BeyondTrust Technical Support will need to know the DNS address of the appliance. If your DNS address is public and the SSL certificate is already installed, Support can retrieve a copy of the root from the public DNS address; in this case, it is not necessary to manually send the root certificate. If you send the SSL certificate, be sure it is in PKCS#7 (.p7b) format or DER (.cer) format. Do not send PKCS#12 (.p12 and .pfx).
For more details, please see Admin Interface