Automated Certificate Generation
BigFix AEX interacts with 3rd party or client-side applications for integrations, where the client applications require certificate generated by BigFix AEX which can be validated with the key sent over every request from BigFix AEX. This provides trust to the client application and validates those requests are coming from valid and trusted BigFix AEX instance. The generated certificate zip file is shared with the customer, who can use the certificate to establish trust on client-side application.
This method is alternate and superior to using service credentials shared between applications.
- Certificate generation is only available for deployed tenants, which have the launch button available.
- All certificates are created for dryice.ai domain and are valid for 1 year from date of creation.
- For generating certificate for a specific tenant, go to the global admin page.
- Click on the gear/settings icon
for the required tenant
- On clicking the configure icon
.png)
, the configurations page will open,
which will have the Signed Certificate Generation
panel.
- On clicking Generate, an alert is displayed for downloading the certificate and key zip file as shown in Figure 370 – Signed Certificate Zip Download Alert. Whenever Generate is clicked, a new certificate is generated, which also invalidates the older certificate.
- On clicking OK, the zip file will be downloaded.
Figure 371 – Signed Certificate Zip Downloaded
- The zip file contains the certificate and key which should be installed by the client application.
- The three files refer to certificate, signing request file and a key.