You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/defender-for-iot/organizations/how-to-deploy-certificates.md
+7-5Lines changed: 7 additions & 5 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -31,7 +31,9 @@ To perform the procedures described in this article, make sure that:
31
31
32
32
## Deploy an SSL/TLS certificate
33
33
34
-
After you've created your SSL/TLS certificate as required and have it installed on a trusted storage, deploy it to your OT sensor or on-premises management console.
34
+
Deploy your SSL/TLS certificate by importing it to your OT sensor or on-premises management console.
35
+
36
+
Verify that your SSL/TLS certificate [meets the required parameters](#verify-certificate-file-parameter-requirements), and that you have [access to a CRL server](#verify-crl-server-access).
35
37
36
38
### Import the SSL/TLS certificate
37
39
@@ -105,7 +107,7 @@ If validation fails, communication between the relevant components is halted and
105
107
106
108
## Create a certificate
107
109
108
-
Add description.
110
+
Create either a CA-signed SSL/TLS certificate or a self-signed SSL/TLS certificate (not recommended).
109
111
110
112
### Create CA-signed SSL/TLS certificates
111
113
@@ -119,7 +121,7 @@ You can also convert existing certificate files if you don't want to create new
119
121
120
122
### Create self-signed SSL/TLS certificates
121
123
122
-
Create self-signed SSL/TLS certificates by first [downloading a security certificate](#import-a-downloaded-security-certificate-to-a-trusted-store) from the OT sensor or on-premises management console and then exporting it to the required file types.
124
+
Create self-signed SSL/TLS certificates by first [downloading a security certificate](#download-a-security-certificate) from the OT sensor or on-premises management console and then exporting it to the required file types.
123
125
124
126
> [!NOTE]
125
127
> While you can use a locally-generated and self-signed certificate, we do not recommend this option.
@@ -198,7 +200,7 @@ If these tests fail, review [certificate file parameter requirements](#verify-ce
198
200
199
201
### Import a downloaded security certificate to a trusted store
200
202
201
-
**Download a security certificate:**
203
+
#### Download a security certificate
202
204
203
205
1. After [installing your OT sensor software](ot-deploy/install-software-ot-sensor.md) or [on-premises management console](ot-deploy/install-software-on-premises-management-console.md), go to the sensor's or on-premises management console's IP address in a browser.
204
206
@@ -210,7 +212,7 @@ If these tests fail, review [certificate file parameter requirements](#verify-ce
210
212
211
213
1. In the **Certificate viewer** pane, select the **Details** tab, then select **Export** to save the file on your local machine.
212
214
213
-
**Import the sensor's locally signed certificate to your certificate store:**
215
+
#### Import the sensor's locally signed certificate to your certificate store
214
216
215
217
After creating your locally signed certificate, import it to a trusted storage location. For example:
0 commit comments