Avatar of Mohonk
Mohonk
Flag for United States of America asked on

Generate SSL Certificate for Network Device (Switch/Appliance)

Need some help figuring out what kind of certificate to generate for some HP Procurve switches.  In the past we've just generated a self-signed certificate and were able to manage them via a browser no problem.  Now most browsers dont like these kind of certificates.

We tried generating a cert but it requires a host and domain name.  coreswitch.domain.com  
We browse to these devices via https://xxx.xxx.xxx.xxx  so the cert is valid but doesn't match the address we're browsing to and we get a certificate warning.  

Is there a way to base it off the IP address of the device?  Or do i need to create a dns entry for these devices?
SSL / HTTPSSwitches / HubsNetworking

Avatar of undefined
Last Comment
Mohonk

8/22/2022 - Mon
ASKER CERTIFIED SOLUTION
Dave Howe

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
GET A PERSONALIZED SOLUTION
Ask your own question & get feedback from real experts
Find out why thousands trust the EE community with their toughest problems.
Mohonk

ASKER
Will give it a shot thanks!
Dave Howe

cool. it isn't that hard a process; if you are doing a two level (CA and server certs) you need the CA cert in the browser to verify the server cert; XCA can do SAN as a self-signed, but as you say, browsers tend to complain a bit about those.

If you have any specific questions, go ahead and post them here :D
Mohonk

ASKER
That was the trick! Thanks!
This is the best money I have ever spent. I cannot not tell you how many times these folks have saved my bacon. I learn so much from the contributors.
rwheeler23