Become a Member
Q:
Steps to deploy a custom CA certificate
1. Browse to the Silver Peak appliance web UI: Configuration > SaaS Optimization 2. Click on Generate Certificate Signing Request 3. Fill in the details, leave Encryption set to 'Yes' and configure a passphrase. Then click 'Generate' 4. Copy the Certificate Request text into your clipboard and click close (or save if you wish) 5. Save the private key to a file. 6. On your Windows CA now, click on 'Request a certificate' 7. Then click on 'advanced certificate request' 8. Paste your clipboard contents into 'saved request' 9. Choose 'Subordinate Certificate Authority' as the template 10. Next click 'download certificate' and choose base 64 11. Back on the Silver Peak web UI, click on 'Custom CA Certificate' and 'Upload and replace' 12. For 'certificate file' browse for the .cer file you exported from your CA in step 10 13. For 'Private Key File' browse to the private key you saved in step 5 14. Enter the passphrase and click 'Add'. 15. We now need to install the root CA certificate. Back on your CA website, click on 'Download a CA certificate, certificate chain, or CRL' 16. Click on 'Download CA certificate' and save to a file. 17. On the Silver Peak web UI, visit Configuration > SSL CA Certificates, and then 'Add certificate' 18. For 'certificate file' browse for the .cer file you exported from your CA in step 16 Please also consult the Deployment Guide for all the remaining supporting steps to enable SSL and Saas optimization. https://www.arubanetworks.com/techdocs/sdwan/media/user/AMOG_R80.pdf When doing SaaS SSL optimization, our SSL proxy acts as a 'man in the middle' and substitutes the original server certificate (e.g. from Office 365) with our own certificate. Our certificate has to be signed by a CA that the users’ computers will trust. That’s the role of the subordinate CA certificate and why a simple 'webserver' template will not work. The subordinate CA is internal to your enterprise; it has signing authority and is trusted by the users' computers within the enterprise.