From Wikipedia: “Network address translation (NAT) is a method of mapping an IP address space into another by...
VNS3 Feature Spotlight – HTTPS Certificate Upload
Managing HTTPS Certificates in your VNS3 controller has just become easier. At Cohesive we recognise the challenges involved in obtaining and uploading these certificate chains to your device. VNS3 5.0 significantly improves this functionality and lets you manage HTTPS certifications in bulk.
When you launch VNS3 in your cloud environment it installs its own self-signed certificate, this is necessary as SSL certificates cannot be associated to an IP address. Increasingly web browsers are now giving ominous warnings or completely blocking websites that are not HTTPS. Organisations also prefer to access their Cloud assets using their own domains. They can achieve this by uploading their signed certificates to their VNS3 controller.
As part of our VNS3 5.0 release we have overhauled both the user experience and user interface to help our customers easily install and review the certificates on their devices.
The user experience has now been simplified with an intelligent multi-file upload which has been designed to avoid confusion around which certificate file (root, intermediate, end user) needs to be uploaded at each step. Each Certificate Authority tends to provide its own files and formats, we’ve moved to standardise the import process, thus reducing the cognitive load of what can be an onerous process.
The Certificate Upload page has also been updated with a clear and easy to read table that
shows the installed certificates, the issuer, certificate lifespan and the inclusion of a SHA-256 checksum adds to the confidence of the chain of custody.
Our flexible plugin system allows us to simplify this process even further: our curated LetsEncrypt plugin utilises VNS3’s Edge Networking plugin subsystem to:
- Automate the generation and renewal processes of HTTPS certs
- Perform HTTPS challenge verification
- Upload and install certificates via the VNS3 API
You can also utilise our Plugin system to take advantage of The Lets Encrypt plugin. The plugin will automate the process of renewing your certificates at a regular interval.
All you need to utilise the plugins features are:
- A registered domain name for which certificates will be generated. This DNS must resolve to your VNS3 controller’s public IP address
- An email address to be associated with the certificate, usually your webmaster address
- Your VNS3 controller’s plugin subsystem subnet
- Your VNS3 controller’s API password
Check out the full documentation of the LetsEncrypt plugin which can be found here: