Let’s Encrypt CA

Prerequisites

To configure a Let's Encrypt CA account in AppViewX, you will need:
  • One of the following Let's Encrypt base URLs for certificate enrollment, as required:
    • Staging URL
    • Production URL

      For links to detailed instructions to get the above information from Let's Encrypt, see the References section.

    • Internet access or a proxy configuration for the AppViewX server. Refer the Managing Proxy Settings documentation in the Platform guides.

Configuring Let’s Encrypt CA

  1. Go to (Menu) > CERT+ > ADMINISTRATION > Certificate Authority.
  2. From the displayed CA, select Let's Encrypt.
    The Let's Encrypt home page is displayed.
  3. Click the Configure Now button or +Add icon from the middle or top-right of the page respectively.
    The Let's Encrypt configuration page is displayed.
  4. Update the following details in the General Information section as described in the table:
    Table 1. General Information - Field Description Table
    Fields Description
    *Name A unique name to identify the CA setting.
    Note: No special characters other than ‘.’, ‘-’,’_’ are allowed. The name must not start with special characters.
    *Purpose/Usage The certificate types will be managed by these settings. For now, Let’s Encrypt is having only one purpose Server.
    Proxy Required Enable this field if the CA communication needs to happen via Proxy. The proxy details configured in general settings will be used for communication.
    Data Center (AppViewX's CA agent) Select the data center through which the CA communication needs to happen.
    *: Mandatory fields
  5. Update the following details in the CA Configuration section as described in the table. These fields are necessary for invoking the Let’s Encrypt CA APIs for Certificate Management.
    Table 2. CA Configuration - Field Description Table
    Fields Description
    *Base URL Let’s Encrypt certificate enrolment URL either staging or production based on the requirement.
    *Email ID(s) Enter email ID(s) in this field to receive notifications from Let's Encrypt. Multiple email ID must be separated by comma (,).
    *: Mandatory fields
  6. Click Save.
    In the CA instance inventory, the connection status is initially set to In Progress. Twice after this, this status is automatically checked and refreshed every 5 seconds. Once the CA instance is successfully configured, the status is updated to Success. Status checks after the first two times have to be done via a manual refresh.
    Note: In case the connection fails, you can manually verify the connection status by clicking the Check button in the Connection Status field.

Manually Validating the Let’s Encrypt CA Connection Status

  1. Go to (Menu) > CERT+ > ADMINISTRATION > Certificate Authority.
  2. From the displayed CA, select Let's Encrypt.
    The Let's Encrypt home page is displayed.
  3. In the Status column of the grid with the listed accounts, click Check to validate the CA setting that has been created.
    The CA communication will be validated and the Connection Status will be shown as either Success or Failure.