- Hardware Appliance Unboxing
- Initial Set-up
- Restore from Backup
- Connect to Cluster
- Using External CA for Installation
- Basic Hardware Operations
- WebConf - Configurator of Hardware Appliance
- Certificates and Trusted CAs
- Setting up a Validation Authority (VA)
- HA Setup
- PKCS#11 Slot Smart Card Activation
- EJBCA Administration
- Certificate Life Cycle Management
Creating CA Hierarchy
- Step 1: Create the RootCA
- Step 2: Create Certificate Profile for SubCAs
- Step 3: Create End Entity Profile for SubCAs
- Step 4: Import RootCA as External CA in Node A
- Step 5: Create SignCA as SubCA in Node A
- Step 6: Create AuthCA as SubCA in Node A
- Step 7: Create SSLCA as SubCA in Node A
- Step 8: Create Certificate Profiles for End Entities that use the SubCAs
- Step 9: Create End Entity Profiles for SubCAs
- Step 10: Create End Entities that use the SubCAs
- Managing End Entities
- Creating Java Truststore
- Check for Weak Debian Keys
- Hardware Appliance 3.5.4 Release Notes
- Hardware Appliance 3.5.3 Release Notes
- Hardware Appliance 3.5.2 Release Notes
- Hardware Appliance 3.5.1 Release Notes
- Hardware Appliance 3.5.0 Release Notes
- PKI Appliance 3.4.5 Release Notes
- PKI Appliance 3.4.4 Release Notes
- PKI Appliance 3.4.3 Release Notes
PKI Appliance 3.4.2 Release Notes
PKI Appliance 3.4.1 Release Notes
- Release Notes Summary
- Hardware Appliance 3.5.X Upgrade Notes
Step 4: Connecting to the Hardware Appliance
To establish the connection to the Hardware Appliance, you have to verify the TLS certificate by confirming the TLS fingerprint. For this, you will need the TLS fingerprint as described in Step 2: One Time Password and TLS Fingerprint.
Proceed as follows to connect to the Hardware Appliance:
Open your browser and enter the IP address of the Management Interface.
You have assigned this address in Step 3: Changing the IP Address of the Hardware Appliance.
Click Connect to management interface over TLS:Connect to the EJBCA Hardware Appliance using TLS
Your browser will ask you to select a certificate.
Click Cancel. The dialog Potential security risk ahead opens.
- Click Advanced. An info box on the certificate requirements opens.
- Click Accept the risk and continue. You will return to the WebConf page Verify TLS Certificate:Verify TLS Certificate
Proceed as follows to check the fingerprint of the TLS certificate and compare it to the TLS fingerprint of the Hardware Appliance:
Click the Padlock icon in the address bar of your browser.
Click > to expand the information for Connection is Not Secure. This opens information on the security of your connection.
Click More Information and then View Certificate to open the Certificate Viewer.
In the Certificate Viewer, find the SHA256 Fingerprint and compare it to the TLS fingerprint of the Hardware Appliance.If the two fingerprints match, the Hardware Appliance is connected to the correct machine.
Close the Certificate Viewer panel.Certificate Information
- Click The fingerprints are the same in the Hardware Appliance certificate verification page (see Verify TLS Certificate).
The Authenticate page will open and you can proceed with Step 5: Running WebConf Wizard.