Some background info for context:
vShield Mgr 5.5:
- imported Root CA cert. and a CA-signed X.509 cert.
- able to login to vShield Mgr. with trusted certs.
vCD Cells:
- all certs signed and imported
- able to login directly with trusted certs.
vShield Load Balancer:
Virtual Machine: vcloud.ourcloudnet.com (10.10.10.1)
Profile applied: http/https, least_conn, 80/443, members are both vCD cells
We want to have a signed and trusted cert for the load balancer address (vcloud.ourcloudnet.com). I have been trying to follow the procedures in the vShield Administration Guide page 73, but I'm getting confused with the procedure itself. When it says "You can generate a CSR and get it signed by a CA. If you generate a CSR at the global level, it is available to all vShield Edges in your inventory.", does that mean generating a CSR at the vShield Mgr level as opposed to the vShield Edge level? Am I doing this all wrong?
Need some guidance please.
