Configuring AppViewX CA

To configure the AppViewX CA
  1. Go to menu > KUBE+ > CLUSTER PKI > Certificate Authority
  2. Select AppViewX from the left-side vendor list.
    The AppViewX home page is displayed.
  3. Click the Configure Now or +Add icon from the middle or top-right of the page respectively.
    Note: The Configure Now option is displayed if you are configuring a CA for the first time.
    The AppViewX configuration page is displayed.
  4. Enter/Select the following details in the General Information section:
    Table 1. General Information - Field Description Table
    Name Description
    *CA Account name

    A unique name to identify the CA setting.

    Note: No special characters other than ‘.’, ‘-’,’_’ are allowed. Names should not start with special characters.
    *Purpose/Usage

    Certificate Type for which CLM actions will be enabled.

    Example: Server, Client
    CRL Required Enable this field if the CA communication needs to happen via Proxy. The proxy details configured in general settings will be used for communication.
    Data Center (AppViewX's CA agent) Select the data center through which the CA communication needs to happen.
    Note: The asterisk (*) symbol indicates a mandatory field.
  5. Enter/Select the following Credentials-related information:
    Table 2. Credentials - Field Description Table
    Field Description
    Credential type*

    From the dropdown list, from the following options, select the credential type:

    • Manual Entry: Manually enter the access and secret key for the customer’s AWS account)
    Access key*

    Enter the access key for the customer’s AWS account.

    Note: This field is displayed only when Credential type is set to Manual Entry.
    Secret key*

    Enter the secret key for the customer’s AWS account.

    Note: This field is displayed only when Credential type is set to Manual Entry.
  6. Update the following details in the CSR Parameters section as described in the table:
    Table 3. CSR Parameters - Field Description Table
    Name Description
    Common Name

    The common name of the root certificate.

    Note:
    • Use Asterisk (*) for the host part of the FQDN to enforce the domain. For example, *.domain.com will only allow users to request certificates with domain domain.com.

    • Allowed Special Characters: Asterisk (*), Hyphen (-), Period (.)

    Issuer Name Name of the certificate issuer.
    Algorithm

    Type of the root certificate.
    Hash Function

    The hash function for the root certificate.
    Organization Unit

    Name of the Organisation unit.
    Key Length

    Key length for the root certificate.
    Organization

    Organization attribute for the root certificate.
    Locality

    Locality attribute for the root certificate.
    State or Province

    State attribute for the root certificate.
    Country

    Country attribute for the root certificate.
    Email Address

    Email address for the root certificate.
    Note: The asterisk (*) symbol indicates a mandatory field.
  7. Update the following details in the Validity section as described in the table.
    Name Description
    *Start Date

    Start date of the certificate issuance.
    *End Date

    End date of the certificate issuance.
    Note: The asterisk (*) symbol indicates a mandatory field.
  8. Click Save.
    Once the setting is saved, the user will be directed to the root certificate submission holistic view.
  9. Users can submit and fetch the root certificate.
  10. On the CA setting page, user can see the status of the created setting.