Configuring GlobalSign MSSL

  1. Go to menu > KUBE+ > CLUSTER PKI > Certificate Authority
  2. Click the +Add icon on the top right of the page.
  3. Select the GlobalSign in the left side vendor list, and then click the GlobalSign MSSL tab.
  4. Update the following details in the General Information section as described in the table.
    Table 1. General Information - Field Description Table
    Name Description Validation
    *CA Account name A unique name to identify the CA setting No special characters other than ‘.’, ‘-’,’_’ are allowed. The name should not start with special characters.
    *Purpose/Usage Certificate Type for which CLM actions will be enabled. For example, server and clients NA
    Proxy Required Enable this field if the CA communication needs to happen via Proxy. The proxy details configured in general settings will be used for communication. NA
    Data Center (AppViewX's CA agent) Select the data center through which the CA communication needs to happen. NA
    Note: The asterisk (*) symbol indicates a mandatory field.
  5. Update the following details in the CA Configuration section as described in the table.:
    Options Description
    *SSL URL Base URL of the SSL API
    *User Name Provide a username of the GCC to communicate with the CA.
    *Password Provide a password for the GCC to communicate with the CA.
    Note: The asterisk (*) symbol indicates a mandatory field.
  6. Once all the details are configured, click Save.
  7. In GlobalSign MSSL, we can now fetch profiles and domains by clicking on the Fetch Profiles and Domain button.
    Note: The supported CSR key types are RSA 2048-8192, ECC P-256, ECC P-384 .