TODO
Later we will merge public content from Orchestration - Servers#Certificatesmanagement with this one. But not yet.
Intro
Certificates management in TDS allows you to easily enable automated SSL/TLS certicates deployment and renewals.
Project certificates view allows you to list and manage SSL/TLS certificates in your project.
In server settings view it allows you to configure certificate and DNS settings.
Project certificates view
Project certificates view allows you to list and manage SSL/TLS certificates in your project.
You can get there by opening particular portal project, then opening "Ceritificates" menu.
Every certificate shows its usage/assignment on servers and domains or subject alternative names (SANs) that it is applicable for. You can add/import custom certificates here and use them on servers. You can read more in documentation.
Server DNS and certificates settings view
In server settings view it allows you to configure certificate and DNS settings.
There is multiple features available:
- certificates management
- enabling >> signs new certificate or uses existing default certificate to deploy to agreed location on server automatically
- disabling >> turns off automated certificate management, we do not touch the certificates on server after disabling as that might lead to unexpected issues. Certificate is not renewed after expiration.
- support for DNS alias for server and for certificate
- if alias belongs to area domain we are able to sign certificate for it, otherwise we just sign certificate by TDS CA >> you can change it to your custom certificate
- support for wildcard subdomain DNS record for server and certificate for it
- if subdomain is under FQDN managed by TDS, we are able to register wildcard DNS record >> otherwise we just store such setting into database without actually registering anything to DNS or without signing certificate as we would not be able allowed to do so anyway due to DNS and certificates signing protection