Managing certificates

After the initial Fabric Services System software installation, use the fss-certificate.sh utility to perform the following tasks:

Deploy a user-provided CA signing certificate (root CA or subCA) for the signing of the northbound server certificates.
Deploy a user-provided server certificate for northbound services, including the UI, REST API, and Kafka.
Deploy a user-provided CA signing certificate (root CA or subCA) for generating the SR Linux node certificates.
Generate a certificate signing request (CSR ) for the northbound services server certificate or either of the signing certificates.
Generate a self-signed root CA key and CRT files and store them in the /root/userdata/certificates directory.
Display the all certificates used by the system.

May 31, 2024