Server Host Certificate Enrollment

After the certificate enrollment settings have been created and assigned to host groups in SSH Tectia Manager, the host certificates can be enrolled to the SSH Tectia Server hosts. This example enrollment assumes that the Internal CA is used.

Ensure that the hosts have SSH Tectia Server version 4.3 (or later) installed and the host information is correct (the host has a fully qualified domain name and the IP address is correct). In case the hosts already have existing host certificates, see Certificate Renewal.

Select the host group and enrollment-time options in Configurations → Enroll certificates (Figure 8.5).
Figure 8.5. Selecting enrollment options
Start the enrollment job in SSH Tectia Manager (Figure 8.6).
Figure 8.6. Enrolling certificates

The PKI configurations are automatically updated to the environment after the host certificates have been successfully enrolled.