Step 2: Installing the first Hardware Appliance

  1. In Firefox, enter the IP address that you have configured for the Hardware Appliance. The browser prompts you that this connection is untrusted:

    Hardware Appliance Login: Untrusted Connection
  2. You can trust the connection if the TLS finger print is the same as the one the Hardware Appliance display. To check this, click Add Exception and then View...:

    Hardware Appliance Login: Add exception
  3. In the Fingerprints section, find SHA1 Fingerprint. The first values have to match with the TLS finger print in the Hardware Appliance front display:

    Hardware Appliance Login: Check TLS fingerprint
  4. Click The finger prints are the same to trust the TLS certificate.  Through TLS fingerprint, the Hardware Appliance is authenticated to you:

    Hardware Appliance Login: Confirm TLS fingerprint
  5. In the Authenticate section, enter the One Time Password (OTP) in the field Authentication code. You will find the OTP in the Hardware Appliance display:

    Hardware Appliance Login: Enter OTP
  6. Before the installation process begins, you will have to go through the following configuration steps:

    • Select the installation option
    • Configure network settings
    • Configure date and time zone
    • Configure Management CA
    • Check the pre-installation summary

    For more information on these settings refer to the sections in Initial Set-up.

Getting the superadmin certificate

After the installation you need to get the superadmin certificate to finalize the process. Proceed as follows:

  1. Click Enroll and choose the security device to be used for enrollment:

    EJBCA: Enroll process
  2. When prompted, enter the smart card password:

    EJBCA: Enter smart card password
  3. The certificate will be generated. Wait for the confirmation that enrollment is complete and that certificate is installed in the smart card:

    EJBCA: Successful enrollment
  4. To finalize the installation, log in to the Hardware Appliance or EJBCA's Public Pages and choose the certificate to authenticate to the system:

    Authentication to the system
  5. Confirm the connection and then confirm the exception with Confirm Security Exception:

    Firefox: Confirm connection
  6. Go to IP_ADDRESS_application/ejbca in EJBCA's Public Pages

  7. In the section Retrieve > Fetch CA Certificates click Download as PEM to download the Management CA certificate:

    EJBCA: Public Pages > Fetch CA certificates
  8. Go to IP_ADDRESS > WebConf > Access tab and copy the clientcert value. You will need it to install the next Hardware Appliance:

    WebConf > Access tab: Copy clientcert