SSL Certificates

Nova ADC uses the PEM format to store and deploy SSL certificates. You manage your SSL certificates on Nova Cloud, and it will automatically deploy them to the appropriate Nodes when ADCs are loaded ot them requiring a certificate.


Creating a certificate

To upload your SSL certificate to Nova you need to go to ADCs -> Certificates, and choose to add one. You may also edit existing ones to update them here.

Once created you can use the certificate on any SSL enabled ADC.


Self Signed Certificates

You may create a test certificate by making a self signed PEM and uploading it. This will not be valid or secure, but is useful when testing. These commands should be run on any Linux system, or you can look online for "creating a self signed certificate" for your platform.

sudo openssl genrsa -out test.key 2048
sudo openssl req -new -key test.key -out test.csr
openssl x509 -req -days 365 -in test.csr -signkey test.key -out test.crt
sudo bash -c 'cat test.key test.crt > test.pem'

You will now have a file "test.pem" which you can copy to use in your certificate on Nova.


PEM Format

Nova uses a PEM certificate format, which is a standard Linux .key and .crt chain combined into one file. Please note the key must not be password protected!

Below is an example of a PEM file:

-----BEGIN RSA PRIVATE KEY-----
(REQUIRED: Your Private Key: website.key)
-----END RSA PRIVATE KEY-----

-----BEGIN CERTIFICATE-----
(REQUIRED: SSL certificate: website.crt)
-----END CERTIFICATE-----

-----BEGIN CERTIFICATE-----
(OPTIONALLY: Intermediate certificate: NetworkSolutions_CA.crt)
-----END CERTIFICATE-----

-----BEGIN CERTIFICATE-----
(OPTIONALLY: Root certificate: TrustedRoot.crt)
-----END CERTIFICATE-----