Top

Working with Multiple Server

Key Manager Plus allows users to deploy multiple servers to certificates/add deployed servers to a certificate. By the end of this document you will have learnt the following:

  1. Deploy Multiple Servers to a Certificate
  2. Add Deployed Servers to a Certificate
  3. Modify the Server Details
  4. Edit a Deployed Server
  5. Delete a Deployed Server
  6. Auto Deploy a Certificate
  7. Check Sync Status
  8. Import Credentials
  9. Export Credentials

1. Deploy Multiple Servers to a Certificate

To deploy multiple servers to a certificate,

  1. Navigate to SSL >> Certificates tab.
  2. Select the certificate to which you want to deploy multiple servers and click Deploy from the top pane and select to which you want to deploy the certificate.
  3. Follow the steps here to know more about deploying certificates.

To view the multiple server page,

  1. Navigate to SSL >> Certificates tab and click multiple servers icon corresponding to the required certificate.
  2. A window opens listing the servers in which the certificate is deployed along with other information such as IP address, Port and certificate validity, Host Name, Serial Number at Host and Sync Status.
    multiple-server-1

2. Add Deployed Servers to a Certificate

  1. Navigate to SSL >> Certificates tab and click multiple servers icon corresponding to the required certificate.
  2. Click Add from the top pane to further add deployed servers to the certificate.
    1. In the pop-up that appears, mention the DNS Name, IP Address and Port.
    2. Mention the Sync Check Timeout in seconds.
    3. If you choose to Sync Check with Agent, select the desired Agent. 
    4. You can choose to Deploy Certificate to all servers on Auto Renewal.
    5. Click Save.

      multiple-server-2
  3. You can also add deployed servers from SSL >> Certificates >> More >> Add Deployed Server.
  4. Now, the certificates have been successfully deployed using agent. To know more about SSL certificate deployment click here.

3. Modify the Server Details

  1. Navigate to SSL >> Certificates tab and click multiple servers icon corresponding to the required certificate.
  2. To modify the Server details, click credentials icon  corresponding to the required certificate.
  3. Select the Server Typeand modify the required details.
    1. If you choose the Server Type as Windows or Linux,
      1. Mention the user credentials or Use Key Manager Plus service account credentials for authentication, Port and the Path.

        multiple-server-3
      2. If you select Certificate, select the File Type and enter the Certificate File Name.
      3. If you select JKS/PKCS, select the Keystore Type and mention the Store File Name.
    2. If you choose the Server Type as Microsoft Certificate Store,
      1. Mention the credentials or Use Key Manager Plus service account credentials for authentication and the Path.
      2. Select Computer and/or User account to deploy the certificate to the selected account.
      3. Now, select Enable PrivateKey Export from MS Certificate Store after deployment to export private key from the certificate store.

        multiple-server-5
    3. If you choose the Server Type as Internet Information Services (IIS),
      1. Mention the credentials or Use Key Manager Plus service account credentials for authentication and the Path.
  4. Click Save to modify the server details.

4. Edit a Deployed Server

  1. To edit a deployed server, click the edit icon corresponding to required certificate.
    1. In the pop-up that appears, you will be able to edit the DNS Name, IP Address and Port.
    2. Mention the Sync Check Timeout in seconds.
    3. If you choose to Sync Check with Agent, select the desired Agent.
    4. You can choose to Deploy Certificate on Auto Renewal. 
    5. Click Save. 

      multiple-server-6
  2. Now, you have successfully editted a deployed server.

Note: You will be able to deploy certificate to all servers on auto renewal only if the user credentials are available.

5. Delete a Deployed Server

Note: Users will not be allowed to delete the Primary server. Choose an alternate Primary Server and then proceed to delete the server. 

  1. To delete a deployed server, select the desired server and click Delete from the top pane.
  2. If the server you are deleting is a Primary server, in the pop-up, select a new Primary server from the list and click Apply. This will assign the selected server as the Primary server.

    change-primary
    1. Now, select the server again and click Delete.
  3. In the pop-up that appears, click Ok.
  4. You have successfully deleted a deployed server.

6. Auto Deploy a Certificate

  1. To auto deploy certificates after renewal, select the desired certificates and click the Edit button.
  2. Select Deploy Certificate on Auto Renewal and click Save in the pop-up that appears. 

7. Check Sync Status

  1. To check the Sync Status using the agent, select the desired certificates and click the Edit button.
  2. Select Sync Check With Agent and select the desired Agent.
  3. Click Save.
  4. To check the Sync Status of the server, select a server and click Check Status on the top pane.
  5. Now, Key Manager Plus will check the Sync Status and will display it on the corresponding server's column.

8. Import Credentials

  1. Click the import credentials icon on the top right corner.
  2. In the pop-up that appers,
    1. Browse and select the File Location from where you want to import.
    2. Select Certificate and/or JKS / PKCS and click Import.
  3. Now you have successfully imported the credentials into Key Manager Plus.

9. Export Credentials

Select the desired resources and click export credentials icon on top right corner to export the credentials to a text document.