In part 1 of this blog series, I showed how to secure your SCC with a trusted UI Certificate:
Therefore, in this blog, I will show how to further secure your SCC with a trusted System Certificate, put your CA certificate in the Trust Store, install a SCC CA Certificate and with that enable Principal Propagation.
Installing a SCC System Certificate is very similar to installing a UI Certificate. The steps are:
To import your CA certificate into your SCC, you have to export it in DER format:
Then you can import it into your SCC Trust Store:
Generating the CSR for your SCC CA Certificate is similar to the SCC System Certificate, but there is one important difference and that is 2 additional X.509 Extensions, i.e. Certificate Sign and CRL Sign. These are generated automatically by the SCC, but make sure they are present prior to singing the request:
Subsequently, your SCC CA Certificate can be imported:
And with that, Principal Propagation can be activated:
As a result, we got 2 more green boxes in the SCC General Security Status:
In my next and final blog of this series I will show how to Configure local LDAP authentication of your Cloud Connector administrators.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
8 | |
5 | |
5 | |
4 | |
4 | |
4 | |
3 | |
3 | |
3 | |
3 |