Nikhil Verma

Leverage OCI Certificate Service for OCVS as Private PKI

Oracle Cloud Infrastructure Certificates provides organisations with certificate issuance, storage, and management capabilities, including revocation and automatic renewal. If you have a third-party certificate authority (CA) that you already use, you can import certificates issued by that CA for use in an Oracle Cloud Infrastructure tenancy.

In this blog, we will leverage this service for Oracle Cloud VMware Solution (OCVS). We will configure a Certificate Authority on OCI, generate certificates, and apply those certificates to applications hosted on Oracle Cloud VMware Solution.


Before we start, we need to know how the certificate generation process works:



First, we need to configure the Certificate Authority using the steps below:

Go to Vault and generate a master encryption key:


Created Certificate Authority:




In the second step, I am generating a CSR and private key with the openssl utility, providing all details, including Common Name, Country, SAN name, etc.


openssl req -new -nodes -newkey rsa:2048 -config /var/tmp/myssl.cnf -reqexts req_ext -keyout key.key -out test.csr
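
The command above depends on /var/tmp/myssl.cnf and its req_ext section, which the post does not show. The following is an added example, not the author's file or script: it writes a config of that shape, runs the same openssl req command, and checks the CSR before it is uploaded. The hostnames, DN values and function names are assumptions.

```shell
#!/bin/sh
# Added example. Hostnames, DN values and paths are constructed placeholders.

# Write a request config whose [ req_ext ] section matches "-reqexts req_ext".
# The CN is repeated as the first SAN entry because browsers validate the
# hostname against subjectAltName, not the Common Name.
write_csr_config() {
    cnf="$1"; cn="$2"; shift 2
    {
        printf '[ req ]\nprompt = no\ndistinguished_name = dn\n\n'
        printf '[ dn ]\nC = US\nCN = %s\n\n' "$cn"
        printf '[ req_ext ]\nsubjectAltName = @alt_names\n\n[ alt_names ]\n'
        i=1
        for name in "$cn" "$@"; do
            printf 'DNS.%d = %s\n' "$i" "$name"
            i=$((i + 1))
        done
    } > "$cnf"
}

# Same openssl invocation as above. -nodes leaves the key unencrypted on disk,
# so the restrictive umask keeps it readable by the owner only.
generate_csr() {
    cnf="$1"; key="$2"; csr="$3"
    ( umask 077
      openssl req -new -nodes -newkey rsa:2048 -config "$cnf" \
          -reqexts req_ext -keyout "$key" -out "$csr" 2>/dev/null )
}

# Pre-upload check: succeeds only if the CSR self-signature verifies, each
# expected hostname is an exact SAN entry, and the CSR public key matches the key.
check_csr() {
    csr="$1"; key="$2"; shift 2
    openssl req -in "$csr" -noout -verify 2>&1 | grep -q 'verify OK' || return 1
    sans=$(openssl req -in "$csr" -noout -text | tr ',' '\n' | sed 's/^ *//')
    for name in "$@"; do
        printf '%s\n' "$sans" | grep -qxF "DNS:$name" || return 1
    done
    csr_pub=$(openssl req -in "$csr" -noout -pubkey | openssl sha256)
    key_pub=$(openssl pkey -in "$key" -pubout | openssl sha256)
    [ "$csr_pub" = "$key_pub" ]
}

# Usage: write_csr_config myssl.cnf app.example.internal www.example.internal
#        generate_csr myssl.cnf key.key test.csr
#        check_csr test.csr key.key app.example.internal www.example.internal
```

Only the CSR is uploaded to the CA; the private key stays on the host that generated it.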


In the third step, I have to choose the option Certificate to Manage Externally, which allows uploading the CSR and generating a signed certificate.


Here I have uploaded the CSR to generate the cert.




Click on view certificate details:



Finally, we need to download the application cert and root cert in .pem format. Click on view content and then download.



Let's test the application without the cert; we will see an SSL warning in the browser:



Let me test it again after applying the SSL cert:


Certificate validation is working as expected.


For VM deployment on OCVS, please refer to this blog:


