I'm working on setting up PKI for the cluster. I have successfully installed the certificate, but I don't see the proper cert on the browser. and when I ran "security ssl show" I don't see the certificate installed there.
below is what I have done so far:
1. Ran "security certificate generate-csr ......." to generate a cert request and a private key
2. I pasted the content of step 1 to create a servername.csr file.
3. On my windows 10 laptop, I ran "certreq -submit -attrib [ ]" to get a CA signed certificate
4. I ran "security certificate install -vserver [cluster name] -type client
I got the successful message
The certificate shows in the "security certificate show"
However, I don't see the cert in "security ssl show" nor on the web browser.
Am I supposed to see the certificate I just installed in "security ssl show" output ? I don't see the cert I just installed there. That's my main concern now. But the certificate in output of "security certificate show" seems to be fine and exist.
Not sure if I have done anything wrong in the steps I posted.
If the certificate is for the cluster, NOT for vserver, will it actually be in the SSL? Someone just told me it wouldn't. So maybe I have been misunderstanding that.
I however do see an expired cert that reflects in the browser. Would removing the expired cert cause inaccessible issue? I'm a bit hesitated to just remove the expired cert. May wanna consult further for the cert deletion.
//it is best to remove all unwanted/unneeded server certificates in a svm to avoid confusion