Your browser does not support HTML5 local storage or you have disabled it. Some functionality on this site, including saving your privacy settings and offering you special discounts, uses local storage and may not work with local storage disabled. We recommend allowing the use of local storage in your browser. In some browsers, it is the same setting used for disabling cookies.

SSH Tectia

Server Certificate Enrollment

Once all related configuration settings have been created, X.509 certificates can be enrolled onto the server hosts.

The Management Server triggers the certificate enrollment on each host. The Management Agent generates a key pair and a PKCS#10 certificate request for the private key. The Management Server verifies that the certitificate request matches the configuration and enrolls the certificate. The Management Server sends the certificate issued by the CA, in this case the SSH Tectia Manager Internal CA, to the Management Agent which will install the certificate and restart/reconfigure SSH Tectia Server. The success status of the operation is sent back to the Management Server from each host, and the server hosts are now ready for certificate authentication. See Figure 5.23.

Server host certificate deployment

Figure 5.23. Server host certificate deployment