Azure TLS Certificate Generation Guide

Introduction

This guide is intended to show an administrator of a PrimeKey EJBCA Cloud instance how to generate new Transport Layer Security (TLS) certificates.

Documentation

EJBCA Cloud documentation is available on:
https://download.primekey.com/docs/EJBCA-Enterprise-Cloud/latest/

EJBCA Enterprise documentation is available on:
https://download.primekey.com/docs/EJBCA-Enterprise/latest/

Additional information on EJBCA Community is available on: www.ejbca.org

Azure Documentation

Information on Azure Public IP addressing is available in the Azure User Guide Create, change, or delete a public IP address.

Overview

This guide describes how to generate new TLS certificates in EJBCA Cloud.

New TLS certificates are needed in the following circumstances:

  • EJBCA Cloud instance is shut down within the Azure environment and the Public IP is released by Azure.
  • An assigned IP is added to the instance in place of the Public IP for persistence.
  • A custom DNS name is desired.

When using tools such as the ClientToolBox, the following error may be displayed:

"No subject alternative DNS name matching <instance ip> found".

If this is encountered, perform the steps in this guide.