CA Certificates

edge device connectors verify secure connections by checking whether the certificate presented by the remote service was signed by a trusted certificate authority (ca) by default, devices only trust well known public cas in certain enterprise networks, security infrastructure such as deep packet inspection (dpi) appliances and ssl proxies intercept and resign traffic using internal or private cas which edge devices don't recognize this can cause tls handshake failures and broken connector connections custom ca certificate management lets you upload your organization's internal ca certificates to litmus edge manager lem deploys them to connected edge devices, where connectors automatically append them to the system trust store this allows connectors (including the mqtt ssl connector) to establish secure connections through your enterprise security infrastructure without manual certificate work on each device newly activated devices receive the current ca bundle automatically during provisioning note ca certificate management is available for litmus edge manager version 2 34 0 and later access ca certificates ui to access ca certificates ui in the litmus edge manager admin console, select edge devices > ca certificates the ca certificates pane lists all uploaded certificates with the following details column description subject the entity the certificate was issued to issuer the certificate authority that issued the certificate issued on the date the certificate was issued expiry date the date the certificate expires, and the number of days remaining fingerprint a short identifier for the certificate actions options to manage the certificate upload a ca certificate to upload a ca certificate click the upload ca certificate + icon in the upload ca certificate dialog, click choose navigate to and select a certificate file in pem , crt , or cer format verify certificate information and click confirm upload the certificate appears in the ca certificates list and is queued for deployment to connected edge devices sync certificates to edge devices after uploading a certificate, you must sync it to your edge devices to distribute the updated ca bundle syncing is managed at the project level from the user ui see certificates docid\ t69a0u8tvev6 zlse5qwv for more information delete a ca certificate to delete a ca certificate in the ca certificates list, click the actions icon for the certificate you want to remove select delete click delete in the confirmation dialog the certificate is removed from the pool