1 # How to configure the server TLS certificates for authentication
14 certificates signed by a CA that can be used to authenticate user requests to an
18 ## Certificates  section in How to configure the server TLS certificates for authentication
35 If you already have certificates you can skip to
37 [Verify certificates](#verify-certificates) and check if they meet the above
42 To generate certificates with required parameters some modification must be made
97 `myext-server.cnf` for the client and server certificates respectively. Without
198 ### Verify certificates
200 To verify the signing request and both certificates you can use following
214 - Validity in both certificates,
225 Below are fragments of generated certificates that you can compare with.
357 …tent-Type: application/json" -X POST https://${bmc}/redfish/v1/Managers/bmc/Truststore/Certificates
368 curl --user root:0penBmc -k https://${bmc}/redfish/v1/Managers/bmc/Truststore/Certificates
383       "@odata.id": "/redfish/v1/Managers/bmc/NetworkProtocol/HTTPS/Certificates/1"
441   when TLS is disabled or certificates are invalid.
443 - Certificates do not meet the requirements. See paragraphs
444   [Verify certificates](#verify-certificates).