This website uses cookies. By continuing to browse or login to this website, you consent to the use of cookies. Learn more.
OK
psloat
Absent Member.
Absent Member.
‎2011-04-14 23:18
3740 views

ZEN 11 Certificate Authority

Hi All,

I have two primary zen 11 servers and I was wondering if its possible to generate a CSR from each primary server so that I can give each server a signed cert from my NDS CA? I want to avoid the SSL browser issues from self-signed certs when browsing to the ZCC and such.

If I cannot us my NDS CA as the cert signer, is there a way to give each server an externally signed cert?
Labels (2)
Labels
0 Likes
Reply
Report Inappropriate Content
6 Replies
Highlighted
CRAIGDWILSON
Micro Focus Expert
Micro Focus Expert
‎2011-04-15 03:21

Re: ZEN 11 Certificate Authority

There should not be any Browser errors going to your ZCC servers if your
DNS is correct.

On 4/14/2011 6:36 PM, psloat wrote:
>
> Hi All,
>
> I have two primary zen 11 servers and I was wondering if its possible
> to generate a CSR from each primary server so that I can give each
> server a signed cert from my NDS CA? I want to avoid the SSL browser
> issues from self-signed certs when browsing to the ZCC and such.
>
> If I cannot us my NDS CA as the cert signer, is there a way to give
> each server an externally signed cert?
>
>


--
Craig Wilson - MCNE, MCSE, CCNA
Novell Knowledge Partner

Novell does not officially monitor these forums.

Suggestions/Opinions/Statements made by me are solely my own.
These thoughts may not be shared by either Novell or any rational human.
--
Please give a hearty thumbs up to any post you find helpful!
To find articles by Craig Wilson simply follow the link: Craig Wilson's Tips!
0 Likes
Reply
Report Inappropriate Content
Highlighted
nop19832
Absent Member.
Absent Member.
‎2011-04-15 05:13

Re: ZEN 11 Certificate Authority

If you used a internal CA from the first primary, then would you not get a certificate error or warning if your browser don't trust it?

-- Niels I have always liked... Cowabunga! If you find this post helpful, please show your appreciation by clicking on the star below. A member must be logged in before s/he can assign reputation points.
0 Likes
Reply
Report Inappropriate Content
Highlighted
theflyingcorpse
Absent Member.
Absent Member.
‎2011-04-15 06:10

Re: ZEN 11 Certificate Authority

If you are on a computer with the CA pub cert installed, and you use the FQDN to reach the server, there should not be any warnings about certificate.
Or use FireFox to permanently avoid it on a per-server basis (Not FireFox 4, not supported with the addins until SP1, such as group policies and fileupload)
0 Likes
Reply
Report Inappropriate Content
Highlighted
nop19832
Absent Member.
Absent Member.
‎2011-04-15 07:30

Re: ZEN 11 Certificate Authority

Yep, we havn't installed the cert on all our pc's, only a few people who uses the ZCC. So if a lot of people needs to use the page (or some of the other pages) it would of course be a good idea to install it more general 😉

-- Niels I have always liked... Cowabunga! If you find this post helpful, please show your appreciation by clicking on the star below. A member must be logged in before s/he can assign reputation points.
0 Likes
Reply
Report Inappropriate Content
Highlighted
psloat
Absent Member.
Absent Member.
‎2011-04-25 22:09

Re: ZEN 11 Certificate Authority

I figured it out. I used the the following articles from the ZENworks 11 Installation Guide and Administration Reference:

Creating an External Certificate (Installation Guide):
Novell Documentation

Changing the Zone Certificate from Internal to External (Administration Reference):
Novell Documentation
0 Likes
Reply
Report Inappropriate Content
Highlighted
nop19832
Absent Member.
Absent Member.
‎2011-04-26 11:50

Re: ZEN 11 Certificate Authority

Great, yes thats a possiple solution to this 😉

-- Niels I have always liked... Cowabunga! If you find this post helpful, please show your appreciation by clicking on the star below. A member must be logged in before s/he can assign reputation points.
0 Likes
Reply
Report Inappropriate Content
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.