Link to home
Start Free TrialLog in
Avatar of Mohonk
MohonkFlag for United States of America

asked on

Generate SSL Certificate for Network Device (Switch/Appliance)

Need some help figuring out what kind of certificate to generate for some HP Procurve switches.  In the past we've just generated a self-signed certificate and were able to manage them via a browser no problem.  Now most browsers dont like these kind of certificates.

We tried generating a cert but it requires a host and domain name.  coreswitch.domain.com  
We browse to these devices via https://xxx.xxx.xxx.xxx  so the cert is valid but doesn't match the address we're browsing to and we get a certificate warning.  

Is there a way to base it off the IP address of the device?  Or do i need to create a dns entry for these devices?
ASKER CERTIFIED SOLUTION
Avatar of Dave Howe
Dave Howe
Flag of United Kingdom of Great Britain and Northern Ireland image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Mohonk

ASKER

Will give it a shot thanks!
cool. it isn't that hard a process; if you are doing a two level (CA and server certs) you need the CA cert in the browser to verify the server cert; XCA can do SAN as a self-signed, but as you say, browsers tend to complain a bit about those.

If you have any specific questions, go ahead and post them here :D
Avatar of Mohonk

ASKER

That was the trick! Thanks!