Nexus CA

Prerequisites

To configure a Nexus CA account in AppViewX, you will need:
  • Base URL
  • Client certificate, for communication between AppViewX and Nexus
  • Organization ID

    Please contact the Nexus team for retrieving the above listed prerequisite values.

  • Internet access or a proxy configuration for the AppViewX server. Refer the Managing Proxy Settings documentation in the Platform guides.
  • CA certificates manually uploaded before certificate discovery or enrollment is initiated

Configuring Nexus

  1. Go to (Menu) > CERT+ > ADMINISTRATION > Certificate Authority.
  2. From the displayed CA, select Nexus.
    The Nexus home page is displayed.
  3. Click the Configure Now button or +Add icon from the middle or top-right of the page respectively.
    The Nexus configuration page is displayed.
  4. Update the following details in the General Information section as described in the table.
    Table 1. General Information - Field Description Table
    Fields Description
    *CA Account name A unique name to identify the CA setting. No special characters other than ‘.’, ‘-’,’_’ are allowed. The name should not start with special characters.
    *Purpose/Usage Certificate Type for which CLM actions will be enabled. For example, server and clients
    Proxy Required Enable this field if the CA communication needs to happen via Proxy. The proxy details configured in general settings will be used for communication.
    Data Center (AppViewX's CA agent) Select the data center through which the CA communication needs to happen.
    *: Mandatory fields
  5. Update the following details in the CA Configuration section as described in the table.
    Table 2. CA Configuration - Field Description Table
    Fields Description
    *SSL URL Base URL of the SSL API
    *User Name Provide a username of the GCC to communicate with the CA.
    *Password Provide a password for the GCC to communicate with the CA.
    *: Mandatory fields
  6. Select Fetch Procedures.
    The procedures available in the Nexus CA account will be fetched and listed for the specific user.
  7. To map the fetched procedures, click on one or many and click the Actions dropdown
    • CASE 1 - If the user selects Server only in Purpose and Usage, then the fetched procedure by default will be of server/client both. The Action dropdown will only have - Map as Server. and MAP as Default
    • CASE 2 - If the user selects Client only in Purpose and Usage, then the fetched procedure by default will be of server/client both. The Action dropdown will only have - Map as Client. and MAP as Default
    • CASE 3 - If the user selects Server and Client both in Purpose and Usage, then the fetched procedure by default will be of server/client both. The Action dropdown will have both the actions Map as Client , Map as Server, and MAP as Default
  8. Click Save.
    In the CA instance inventory, the connection status is initially set to In Progress. Twice after this, this status is automatically checked and refreshed every 5 seconds. Once the CA instance is successfully configured, the status is updated to Success. Status checks after the first two times have to be done via a manual refresh.
    Note: In case the connection fails, you can manually verify the connection status by clicking the Check button in the Connection Status field.

Manually Validating the Nexus CA Connection Status

  1. Go to (Menu) > CERT+ > ADMINISTRATION > Certificate Authority.
  2. From the displayed CA, select Nexus.
  3. In the Status column of the grid with the listed accounts, click Check to validate the CA setting that is created.
    The CA communication will be validated and the Connection Status will be shown as either Success or Failure.