Certificate Management
Certificate Management
ZStack Cube Ultimate allows you to configure and manage SSL certificate. After successfully configuring the SSL certificate, you can log in to the UI via HTTPS protocol. The HTTPS protocol ensures that data transmission is effectively encrypted for the Cloud.
You can import a SSL certificate by one of the following modes:
- Import a third-party certificate.
- Import a system self-signed certificate.
Add a Certificate
On the main menu of ZStack Cube Ultimate, choose . On the Certificate Management page, click Add Certificate. Then, the Add Certificate page is displayed.
The following lists the two certificate addition scenarios:
- Add a third-party certificate
- Add a system self-signed certificate
Add a Third-Party Certificate
On the displayed page, set the following parameters:
Note: When updating a certificate, the system will detect the certificate path
and write the certificate information to this path.
- Import Mode: Select Third-Party Certificate.
- Certificate Document: Enter or import a certificate content.Note:
- The imported certificate must be in CRT or PEM format.
- The certificate starts with
----BEGIN CERTIFICATE----and ends with----END CERTIFICATE----.
- Certificate Private Key: Enter or import a
certificate private key.Note:
- The certificate private key must be in CRT or PEM format.
- The certificate starts with
----BEGIN (RSAIEC) PRIVATE KEY----and ends with----END (RSAIEC) PRIVATE KEY----.
- Certificate Chain: Optional. Enter or import a
certificate chain.Note:
- The certificate chain must be in CRT or PEM format.
- The certificate starts with
----BEGIN CERTIFICATE----and ends with----END CERTIFICATE----.
- HTTP Redirection: Optional. If enabled, requests are redirected by default from port 5000 of the HTTP address to port 5443 of the HTTPS address.
Note: When updating a certificate, the system will detect the certificate path
and write the certificate information to this path.Add a system self-signed certificate
On the displayed page, set the following parameters:Note: When updating a certificate, the system will detect the certificate path
and write the certificate information to this path.
- Import Mode: Select System Self-Signed Certificate.
- Duration: You can specify a validation duration for the system self-signed certificate. Valid values: 3 months, 1 year, 3 years, 5 years, and 10 years. By default, 10 years is selected.
- HTTP Redirection: Optional. If enabled, requests are redirected by default from port 5000 of the HTTP address to port 5443 of the HTTPS address.
- Custom Certificate Information: Optional. If enabled,
you can customize your self-signed certificate information.
- Common Name: Optional. Set a common name. By
default, the common name is localhost.Note: The input must be 1 to
64 characters in length and can contain letters, digits, and
special characters. Supported special characters include
~`@#$%^&*()-_+={}[]|:;'<>.?/
- Organization Name: Optional. Set a name for
your organization. By default, the organization name is
localhost.Note: The input must be 1 to 64 characters in length
and can contain Chinese characters, letters, digits, and special
characters. Supported special characters include
~`@#$%^&*()-_+={}[]|:;'<>.?/
- Organization Unit Name: Optional. Set a name
for your organization unit.Note: The input must be 1 to 64
characters in length and can contain Chinese characters,
letters, digits, and special characters. Supported special
characters include
~`@#$%^&*()-_+={}[]|:;'<>.?/
- Country/Region Name: The country/region name can only be set as CN.
- State/Province Name: Optional. Set the state
or province name.Note: The input must be 1 to 128 characters in
length and can contain Chinese characters, letters, digits, and
special characters. Supported special characters include
~`@#$%^&*()-_+={}[]|:;'<>.?/
- Locality Name: Optional. Set a city
name.Note: The input must be 1 to 128 characters in length and
can contain Chinese characters, letters, digits, and special
characters. Supported special characters include
~`@#$%^&*()-_+={}[]|:;'<>.?/
- Email Address: Optional. Set an email address.
- Common Name: Optional. Set a common name. By
default, the common name is localhost.
Note: When updating a certificate, the system will detect the certificate path
and write the certificate information to this path.Manage a Certificate
On the main menu of ZStack Cube Ultimate, choose . Then, the Certificate Management page is displayed.
The following table lists the actions that you can perform on a certificate.
| Action | Description |
|---|---|
| Add Certificate | Add a SSL certificate.Note:
|
| Update Certificate | Update the current SSL certificate. |
| Switch back to HTTP | Switch back to HHTP to log in to the Cloud
UI.Note: The session is reestablished after you switch to HTTP.
You need to log in to the UI again via HTTP
protocol. |