Versions Compared

Version Old Version 14 New Version Current
Changes made by

Sean McDade

Sean McDade

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.


Table of Contents
minLevel1
maxLevel6
include
outlinefalse
indent
stylenone
exclude
typelist
class
printablefalse

Generating a

...

Signed Certificate


You’ll first need to generate a CSR to be signed by your chosen Certificate Authority.

...

  1. Generate and download the CSR to get it signed by your chosen Certificate Authority (CA).

  2. Ensure the signed certificate is in PEM format (Base-64 encoded X.509 - CER).

  3. Navigate to the System > Certificate Management page in ZPC and the Import Certificate tab and select the Signed Certificate option.

  4. SSH into the ZIRO machine and log in using the s8admin account, then select Restart Web Server from the menu.

    Image Added

  5. Log back into ZPC from your browser and confirm the certificate has been successfully imported by checking the validity period.

...

Renewing an Existing Signed Certificate

Note

Warning - If a change to the FQDN is made during your renewal, SAML SSO configuration changes required when renewing SSL certificatewill also be required

Updating the ZIRO FQDN tied to your SSL certificate will break the existing SAML Single Sign-On functionality setup for ZIRO ZPC and will require adjustments to your Identity Provider (IdP) configuration.

Once a new SSL certificate is uploaded, users will be unable to sign in using SSO until you export the new Service Provider (SP) Metadata from the SAML Single Sign-On page and use it to adjust the Relying Party Trust configuration for ZIRO in your Identity Provider (IdP) configuration.

For more detailed steps, refer to the walkthrough guide Setting Up SSO for ZPC with ADFS.SSO setup walkthrough guides for your IdP (Azure, ADFS, Okta)

  1. View the expiry date of your certificate by navigating to System Health > System Health Status page.

  2. View your current certificate details by accessing the certificate viewer in your browser while on the ZPC website.

  1. Generate and download the CSR using the information in the previous step to get it signed by your chosen Certificate Authority (CA).

  2. Ensure the signed certificate is in PEM format (Base-64 encoded X.509 - CER).

  3. Navigate to the System > Certificate Management page in ZPC and the Import Certificate tab and select the Signed Certificate option.

  4. SSH into the ZIRO machine and log in using the s8admin account, then select Restart Web Server from the menu.

    Image Added

  5. Log back into ZPC from your browser and confirm the certificate has been successfully imported by checking the validity period.

...

How to Use Wildcard Certificates

  1. Acquire the wildcard certificate from your IT team in the correct PEM format (Base-64 encoded X.509 - CER).

  2. Navigate to the System > Certificate Management page in ZPC and the Import Certificate tab and select the Wildcard Certificate option.

    image-20240109-140359.pngImage Added

  3. Provide the unencrypted Private Key and specify the FQDN.

  4. Click Import.

  5. SSH into the ZIRO machine and log in using the s8admin account, then select Restart Web Server from the menu.

    Image Added

  6. Log back into ZPC from your browser and confirm the certificate has been successfully imported by checking the validity period.

    Image Added