Control Center Director requires secure connection with Connect:Direct server to perform upgrades remotely. Connect:Direct requires to key certificate and trusted certificates configured to establish remote secure connection.
Key certificate is a combination of certificate’s private key and the certificate signed by a Certificate Authority.
The CA (Certificate Authority) certificate serves as the certificate for a certificate signing authority. It plays a crucial role in validating certificates presented by remote servers. CA certificates are stored as trusted certificates. Sometimes, a certificate is signed by an intermediate CA. To validate a certificate signed by an intermediate CA, both the root-level CA certificate and the intermediate certificate are required.
These certificates need to confirm to Public-Key Infrastructure(PKI) certificate formats.
When Control Center Director is first time configured, a self-signed CA is created.
Prior to Control Center Director 6.3.1 release, when new Connect:Direct server is deployed, a bootstrap certificate is created and signed by Control Center Director’s CA and the bootstrap certificate is included with the newly deployed Connect:Direct server to establish secure connection. To replace the bootstrap certificate, it required a post-install configuration step to configure Connect:Direct server with a certificate that is signed by a well-known certificate authority.
In Control Center Director 6.3.1 and later versions, when creating a new Connect:Direct install job, options have been introduced to include user-provided key certificates and trusted certificates (Certificate Authority) as part of the initial Connect:Direct deployment. This enhancement provides greater flexibility in configuring secure connections during the deployment process.
For the inclusion of user-provided key certificates and trusted certificates in the initial Connect:Direct deployment, these certificates need to be added to Control Center Director using the External Certificates management functionality.
External Certificates management offers features to handle both External Key Certificates and External CA Certificates. This functionality allows users to efficiently manage and incorporate external certificates into their systems.