Top
ServerView Resource Orchestrator Cloud Edition V3.1.2 NS Option Instruction
FUJITSU Software
Appendix C Pre-configuration Method for NS Appliances > C.3 Server Certificate and CA Certificate Operations > C.3.2 Updating Server Certificates and CA Certificates
PreviousNext

C.3.2 Updating Server Certificates and CA Certificates

This section explains the operations necessary for updating certificates when using an SSL accelerator of the server load balancer function.

When update is necessary, the tenant user requests the infrastructure administrator to update of the certificates used for the currently used L-Platform.


Figure C.2 Flow of Update of Server Certificates and CA Certificates


  1. Set maintenance mode on the NS Appliance to update the certificates of.

    For details on how to configure maintenance mode, refer to "22.1 Switchover of Maintenance Mode" in the "User's Guide for Infrastructure Administrators (Resource Management) CE".

  2. Connect to the NS Appliance, and check the CA certificate corresponding to the server certificate of the update target.

    This operation is performed when updating the CA certificate.
    Execute the following command:

    admin
password: Administrator Password
show cert certificate Number of Certificates chain

  3. Delete the server certificate of the update target.

    Execute the following command:

    cert zeroize Number of cert Certificates

    After executing the command, respond with "y" to the output reply message.

  4. Register the server certificate of the update target.

    Refer to "Registering Server Certificates" in "C.3.1 Registering Server Certificates and CA Certificates".
    Specify the same certificate number for registration as the server certificate number deleted in step 3.

  5. Delete the CA certificate of the update target.

    Specify the number of the CA certificate checked in step 2 for the number of the CA certificate to delete. This operation is performed when updating the CA certificate.
    When the registration number is between 1 and 18, do not delete the CA certificate.
    Execute the following command:

    cert zeroize ca Number of CA Certificates

    After executing the command, respond with "y" to the output reply message.

  6. Register the CA certificate of the update target.

    Refer to "Registering CA Certificates" in "C.3.1 Registering Server Certificates and CA Certificates". This operation is performed when updating the CA certificate.
    The certificate numbers specified when registering are as follow:

    • Specify the same number as the CA certificate deleted in step 5., when deleting the CA certificate (the number of the target CA certificate is something other than 1 to 18).

    • When not deleting the CA certificate (the number of the target CA certificate is 1 to 18), register a new CA certificate.

  7. Reflect the update of the certificate on the operating NS Appliance.

    Execute the following command:

    configure terminal
load running-config
commit
exit
exit

    After executing the command, respond with "y" to the output reply message.

  8. Release the maintenance mode configured when starting operations.

    For details on how to release maintenance mode, refer to "22.1 Switchover of Maintenance Mode" in the "User's Guide for Infrastructure Administrators (Resource Management) CE".

PreviousNext
Copyright 2010-2015 FUJITSU LIMITED