Oracle Cloud Infrastructure Documentation

Download the Root CA Certificate

To access the Device Console, the computer (host) that you use to access the Device Console must have the root CA certificate from the Roving Edge Device. The root CA certificate is the top most certificate in the certificate chain of trust and is used by your computer to verify the authenticity of the Device Console.

Perform the tasks in this section to download the root CA certificate and sign in to the device UI for the first time.

Prerequisites

To perform the tasks in this section, you need the following Roving Edge device items:

  • IP address
  • hostname
  • User name
  • Password

Oracle provides these items to your organization when Oracle provisions your device request.

Ensure Your Host Has OpenSSL Installed

Most Linux and MacOS computers have OpenSSL installed. For Microsoft Windows, you might need to install OpenSSL.

To determine if OpenSSL is installed on Microsoft Windows, search for openssl. If OpenSSL isn't installed, follow your organization's best practices for installing OpenSSL.

The following links take you to popular OpenSSL sites from which OpenSSL can be obtained:

Task 1 - Configure the hosts File

Adding the device IP address and hostname to the hosts file enables your computer to find the Device Console IP address regardless of the DNS configuration.

Use one of the following procedures based on your OS.

Linux

  1. In a text editor, open the /etc/hosts file. The following example uses the vim editor:

    sudo vim /etc/hosts

  2. Enter your administrator password.

  3. Open a new line and enter the device IP address and hostname. Example:

    198.168.0.1    my-1234567  my-device-hostname

  4. Save the /etc/hosts file.

MacOS

  1. Open a terminal:

    Navigate to Finder > Utilities, then click Terminal.

  2. Open the /etc/hosts file in a text editor. The following example uses the nano editor:

    sudo nano /etc/hosts

  3. Enter your administrator password.

  4. Create a new line and enter the device IP address and hostname. Example:

    198.168.0.1    my-1234567  my-device-hostname

  5. Save the /etc/hosts file.

Microsoft Windows

  1. Open Notepad as the administrator.

  2. In Notepad, open the following file:

    C:\Windows\System32\drivers\etc\hosts

  3. Open a new line and enter the device IP address and hostname. Example:

    198.168.0.1    my-1234567  my-device-hostname

  4. Save the hosts file.

Task 2 - Download the Root Certificate File from the Device

Use one of the following procedures based on your computer OS.

If your computer runs Microsoft Windows, also select the procedure based on your browser type.

Note - Browsers evolve over time. If some browser steps don't match what you see in your browser, consult your browser documentation.

Linux and MacOS

  1. In a terminal window, use the following command to download the certificate from the Roving Edge device:

    echo -n | openssl s_client -showcerts -connect <device_ip_address>:8015 | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > $HOME/redroot.pem

    The root certificate redroot.pem is downloaded to your home directory.

Microsoft Windows with Firefox
The following steps are for Firefox version 115.

  1. In the browser address field, enter the device address and port number:

    https://<device_hostname>:8015

    If a security risk warning is displayed, accept the risk, and ignore the warning: Roving Edge Device is currently unavailable.

  2. Click the padlock symbol that's to the left of the browser address bar.

  3. In the Site Information dialog box, click Connection Secure, then click More information.

    The Firefox Security menu is displayed.

  4. Click View Certificate.

    The Device Console now displays certificate information.

  5. Click the tab called <hostname>-root-CA .

  6. Scroll down to the Miscellaneous section.

  7. Click the PEM (Cert) link, and save the file somewhere convenient such as the Downloads folder.

Microsoft Windows with Edge
The following steps are for Microsoft Edge version 128.0.2739.67.

  1. In the browser address field, enter the device address and port number:

    https://<device_hostname>:8015

  2. Click the secure icon next to the URL.

  3. Click Certificate or Manage Certificate.

  4. Click Details.

  5. Click Export.

  6. Browse to a convenient download location such as Downloads.

  7. Click Save.

    The root certificate file is saved with a .crt extension.

Microsoft Windows with Chrome
The following steps are for Google Chrome version 128.0.6613.120.

  1. In the browser address field, enter the device address and port number:

    https://<device_hostname>:8015

  2. Click the secure icon next to the URL.

  3. Click the Certificate is not valid icon.

  4. Click the Details tab.

  5. Click Export.

  6. Browse to a convenient download location such as Downloads.

  7. Click Save.

    The root certificate file is saved with a .crt extension.

Task 3 - Import the Root Certificate into Your Browser

Import the downloaded root certificate into your browser using one of the following tasks based on your browser type.

Note - Browsers evolve over time. If some browser steps don't match what you see in your browser, consult your browser documentation.

Firefox

  1. In Firefox, use the navigation menu to open Settings.

  2. In the Find in Settings field, enter certificates.

  3. Click View Certificates.

    The Certificate manager is displayed.

  4. With the Authorities tab selected, click Import.

    Browse to the location of the downloaded certificate file, select it, then click Open.

  5. In the Certificate Manager, click Trust this CA to identify websites, then click OK.

  6. In the Certificate Manager, click OK.

  7. Refresh the browser tab that's connected to the device.

    You're prompted to enter your user name and password.

Edge

  1. In Edge, use the navigation menu to open Settings.

  2. In the Find in Settings field, enter certificates.

  3. Click Manage certificates.

    The Certificate manager is displayed.

    1. In the Certificates dialog box, click Import.

    2. In the Import Wizard, click Next.
    3. Click Browse, and navigate to the location of the downloaded certificate file.

    4. In the file type drop-down menu, select All Files.

    5. Select your downloaded certificate file, and click Open.

    6. Click Next.

    7. Select Automatically select the certificate store based on the type of certificate.

    8. Click Next.

    9. Click Finish.

    10. Click OK.

    11. In the Certificate manager, click Close.

      Now you can sign in to the Device Console.

  4. Refresh the browser tab that's connected to the device.

    You're prompted to enter your user name and password.

Chrome

  1. In Chrome, use the navigation menu to open Settings.

  2. In the Search settings field, enter certificates.

  3. Click Security.

  4. Click Manage certificates.

    The Certificate manager is displayed.

  5. Select the Trusted Root Certificates tab.

  6. Click Import.

    The Certificate Wizard is displayed.

  7. Click Next.

  8. Click Browse, and browse to the location of the downloaded certificate file, select it, then click Open.

  9. Select Automatically select the certificate store based on the type of certificate, then click Next.

  10. Click Finish.

  11. Click OK to acknowledge the import was successful.

  12. Close the Certificate Wizard by clicking Cancel.

  13. In the Certificates dialog box, click Close.

  14. Refresh the browser tab that's connected to the device.

    You're prompted to enter your user name and password.

What's next?

Go to the online Roving Edge Infrastructure documentation.

Learn about ways to access the device. See Accessing a Roving Edge Infrastructure Device.