The Alteon Load Balancer integration allows you to manage certificates within the Alteon Load Balancer device.
This repository contains a Universal Orchestrator Capability which is a plugin to the Keyfactor Universal Orchestrator. Within the Keyfactor Platform, Orchestrators are used to manage “certificate stores” — collections of certificates and roots of trust that are found within and used by various applications.
The Universal Orchestrator is part of the Keyfactor software distribution and is available via the Keyfactor customer portal. For general instructions on installing Capabilities, see the “Keyfactor Command Orchestrator Installation and Configuration Guide” section of the Keyfactor documentation. For configuration details of this specific Capability, see below in this readme.
The Universal Orchestrator is the successor to the Windows Orchestrator. This Capability plugin only works with the Universal Orchestrator and does not work with the Windows Orchestrator.
Orchestrator Extension for Alteon Load Balancer is supported by Keyfactor for Keyfactor customers. If you have a support issue, please open a support ticket with your Keyfactor representative.
To report a problem or suggest a new feature, use the Issues tab. If you want to contribute actual bug fixes or proposed enhancements, use the Pull requests tab.
The Keyfactor Universal Orchestrator may be installed on either Windows or Linux based platforms. The certificate operations supported by a capability may vary based what platform the capability is installed on. The table below indicates what capabilities are supported based on which platform the encompassing Universal Orchestrator is running.
Operation | Win | Linux |
---|---|---|
Supports Management Add | ✓ | ✓ |
Supports Management Remove | ✓ | ✓ |
Supports Create Store | ||
Supports Discovery | ||
Supports Renrollment | ||
Supports Inventory | ✓ | ✓ |
The high level steps required to configure the Alteon Load Balancer Orchestrator extension are:
Now we can navigate to the Keyfactor platform and create the store type for the extension.
-
Navigate to your instance of Keyfactor and log in with a user that has Administrator priveledges.
-
Click on the gear icon in the top left and navigate to "Certificate Store Types".
-
Click "Add" to open the Add Certificate Store dialog.
-
Name the new store type "Alteon Load Balancer" and give it the short name of "AlteonLB".
-
The Alteon Load Balancer integration supports the following job types: Inventory, Add, Remove. Select from these the capabilities you would like to utilize.
-
Make sure that "Needs Server" is checked.
-
Set the following values on the Advanced tab:
- Supports Custom Alias - Optional
- Private Key Handling - Optional
-
No changes are needed in the Custom Fields and Entry Parameters tabs.
The process for installing an extension for the universal orchestrator differs from the process of installing an extension for the Windows orchestrator. Follow the below steps to register the integration with your instance of the universal orchestrator.
-
Stop the Universal Orchestrator service.
- Note: In Windows, this service is called "Keyfactor Orchestrator Service (Default)"
-
Create a folder in the "extensions" folder of the Universal Orchestrator installation folder named "AlteonLB"
- example: `C:\Program Files\Keyfactor\Keyfactor Orchestrator\AlteonLB
-
Copy the build output (if you compiled from source) or the contents of the zip file (if you downloaded the pre-compiled binaries) into this folder.
-
Start the Universal Orchestrator Service
Now add the certificate store that corresponds to an instance of the Alteon Load Balancer.
The steps to do this are:
-
Navigate to "Locations > Certificate Stores"
-
Click "ADD"
-
Enter the values corresponding to the Alteon Load Balancer instance.
-
Category: Alteon Load Balancer
-
Container: optional logical container in keyfactor for the certificates from this store
-
Client Machine: The Alteon Load Balancer Server and port
- Note: The server credentials will only have to be entered once, even if adding multiple certificate stores.
- Set the credentials to those of the account with sufficient permissions to manage certs in the Alteon Load Balancer.
- Check Use SSL
- The Server Name should be the fully qualified URL and port of the Alteon Load Balancer instance.
- Note: The server credentials will only have to be entered once, even if adding multiple certificate stores.
- Store Path: This value isn't used for this integration (other than to uniquely identify the cert store in certificate searches).