Idea ID 2775751
Could I suggest that you support the following model is supported for certificates:
When generating the key, support the use of a service based CN, where the CN could be something like "ESM Servers"
And then within that cert, DNS alt names are defined containing the list of ESM server FQDNs and aliases.
You could in theory then use the same certs for your fleet of ESMs etc.
The current problem with this method is that ESM cannot determine the IP from the CN of "ESM Servers" because it assumes the CN will be the FQDN of that ESM host.
Suggestion applies for Loggers and other components too.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.