Hi community,
We are in process of building a vRO environment with 2 nodes behind a load balancer in an active/active mode. We are interested in using Domain CA Certs for the environment. I'm using the below config file to generate the .key, .csr files etc.. I have a couple of queries..
1. Which format the certs should be in - DER, PEM, PFX etc..
2. How and where should I do the certificate import when load balancer is in the picture. We don't import certs to LB, we offload SSL to the nodes.
Config file format used -
[ req ]
default_bits = 2048
default_keyfile = rui.key
distinguished_name = req_distinguished_name
encrypt_key = no
prompt = no
string_mask = nombstr
req_extensions = v3_req
[ v3_req ]
basicConstraints = CA:FALSE
keyUsage = digitalSignature, keyEncipherment, dataEncipherment, nonRepudiation
extendedKeyUsage = serverAuth, clientAuth
subjectAltName = DNS:vrotest, IP:1.1.1.1, DNS:vrotest.company.com, DNS:vrot01, IP:1.1.10.2, DNS:vrot01.company.com, DNS:vrot02, IP:1.1.10.3, DNS:vrot02.company.com
[ req_distinguished_name ]
countryName = US
stateOrProvinceName = MO
localityName = Kansas City
0.organizationName = Test
organizationalUnitName = VMW
commonName = vrotest.company.com
Please help!!
VMSavvy 