Support for Installing User-Generated Certificates on Appliances

Currently, all major browsers present a warning screen to users when they attempt to access the Web console of an appliance for the first time stating that the SSL certificate is invalid. Some browsers allow the user to add an exception to avoid the warning in the future, but the exception is specific to the appliance, the workstation, and the browser. The certificate is invalid for two reasons:

• The identity on the certificate does not match the URL of the appliance (typically an IP address).
• An authority trusted by the user's system did not sign the certificate.

Oracle SD-WAN Edge 4.3 allows users to upload generated certificates to the Web console of the appliance.

The user should generate the certificate for the appliance's IP address and the appropriate Certificate Authority should sign the certificate prior to installation. If the certificate is generated properly, it will be trusted by the systems on the user's network.

Note:

For User-Generated certificates, there is also a root certificate that is loaded into the user's Web browser.

To upload the certificate, log into the appliance and proceed to Manage Appliance  HTTPS Certificate. Users can upload a certificate and key file as required. There is no procedure to delete a certificate that was uploaded, but the user can regenerate a Oracle certificate by selecting Regenerate HTTPS Certificate as illustrated in Figure 11.

Figure 11: HTTPS Certificate