Orchestrator certificates

To prevent MITM (man-in-the-middle) attacks, when communicating with the orchestrator, the CPE device checks whether the orchestrator certificate can be trusted. By default, root certificates of public certificate authorities are installed on devices.

If your orchestrator is using a certificate signed by a public certificate authority, you do not need to install an additional certificate on the devices. Otherwise, you must add the public root certificate used by the orchestrator on the devices by uploading the certificate to the orchestrator web interface.

Regarding certificate management, consider the following:

In this section

Uploading an orchestrator certificate

Viewing an orchestrator certificate

Manually distributing an orchestrator certificate to CPE devices

Exporting an orchestrator certificate

Page top