Leverage OCI Certificate Service for OCVS as Private PKI

  • Writer: Nikhil Verma
  • Apr 5, 2023

Oracle Cloud Infrastructure Certificates provides organisations with certificate issuance, storage, and management capabilities, including revocation and automatic renewal. If you have a third-party certificate authority (CA) that you already use, you can import certificates issued by that CA for use in an Oracle Cloud Infrastructure tenancy.

In this blog, we will leverage this service for Oracle Cloud VMware Solution. We will configure a certificate authority on OCI, generate certificates, and apply those certificates to applications hosted on Oracle Cloud VMware Solution.


Before we start, we need to understand how the certificate generation process works:



First, we need to configure a certificate authority using the steps below:

Go to Vault and generate a master encryption key:


Create the certificate authority:




In the second step, I generate a CSR and private key with the openssl utility, providing all the details, including Common Name, Country, and SAN.


openssl req -new -nodes -newkey rsa:2048 -config /var/tmp/myssl.cnf -reqexts req_ext -keyout key.key -out test.csr
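
The command above reads a req_ext section from /var/tmp/myssl.cnf, which the post does not show. The following is an added example, not the author's file: a constructed config with placeholder hostnames and DN values, the same openssl flags, and two checks to run before uploading the CSR (the SAN is present, and the key matches the CSR).

```shell
#!/bin/sh
# Added example: constructed config; hostnames and DN values are placeholders.
set -eu

# Write a minimal config containing the req_ext section the command refers to.
write_cnf() {
  cat > "$1" <<'EOF'
[ req ]
prompt             = no
distinguished_name = dn
req_extensions     = req_ext

[ dn ]
C  = US
O  = Example Org
CN = app.example.internal

[ req_ext ]
subjectAltName = @alt_names

[ alt_names ]
DNS.1 = app.example.internal
DNS.2 = app
EOF
}

# Generate key and CSR with the same flags as the command on the page.
# -nodes leaves the private key unencrypted, so restrict its permissions.
make_csr() {  # args: cnf key csr
  openssl req -new -nodes -newkey rsa:2048 -config "$1" -reqexts req_ext \
    -keyout "$2" -out "$3" 2>/dev/null
  chmod 600 "$2"
}

# Succeeds only if the CSR self-signature verifies and the exact SAN is listed.
csr_has_san() {  # args: csr dns-name
  openssl req -in "$1" -noout -verify 2>&1 | grep "verify OK" >/dev/null || return 1
  openssl req -in "$1" -noout -text | tr -d ' ' | tr ',' '\n' | grep -Fx "DNS:$2" >/dev/null
}

# Succeeds if the private key and the CSR carry the same public key.
key_matches_csr() {  # args: key csr
  [ "$(openssl pkey -in "$1" -pubout)" = "$(openssl req -in "$2" -noout -pubkey)" ]
}
```

Browsers validate the hostname against the SAN rather than the Common Name, so a CSR without the expected SAN entries produces a certificate that still triggers a warning.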


In the third step, I have to choose the option "Certificate to Manage Externally", which allows uploading the CSR and generating a signed certificate.


Here I have uploaded the CSR to generate the certificate.




Click on view certificate details:



Finally, we need to download the application certificate and the root certificate in .pem format. Click on view content and then download.



Let's test the application without the certificate; we will see an SSL warning in the browser:



Let me test it again after applying the SSL certificate:


Certificate validation is working as expected.


For VM deployment on OCVS, please refer to this blog:
