Create certificates for FlexEdge Secure SD-WAN Engines using external certificate management
After creating an Secure SD-WAN Engine element, create a certificate request for each Secure SD-WAN Engine node, export and sign the certificate request using the external CA, then import the signed certificate.
Before you begin
- Configuring Single Engines
- Configuring Engine Clusters
- Configuring IPS engines
- Configuring Layer 2 Engines
- Master Secure SD-WAN Engine and Virtual Secure SD-WAN Engine configuration overviewNote: Only Master Secure SD-WAN Engines communicate with the Management Server. It is not possible to configure certificate settings for Virtual Secure SD-WAN Engines.
For more details about the product and how to configure features, click Help or press F1.
Steps
Result
Example
Option | Definition |
---|---|
Name | The name of the element. |
Organization (O) (Optional) |
The name of your organization as it appears in the certificate. |
Organization Unit (OU)
(Optional) |
The name of your department or division as it appears in the certificate. |
State/Province (ST)
(Optional) |
The name of state or province as it appears in the certificate. |
Locality (L)
(Optional) |
The name of the city as it appears in the certificate. |
Common Name (CN) | A common name that includes the name of the Secure SD-WAN Engine element. |
Public Key Algorithm (Not editable) |
The algorithm used for the public key. Note: For Secure SD-WAN Engine certificates, only the ECDSA public key algorithm is
supported.
|
Key Length | The length of the key in bits. Enter 521 or 384. |
Signature Algorithm (Not editable) |
Shows the signature algorithm according to the key length. |
Subject Alternative Name (DNS) | The name of the Secure SD-WAN Engine node as a fully qualified domain name (FQDN). |