CoPilot Certificate Management

Use the CoPilot > Settings > Configuration > General page for CoPilot certificate management.

CoPilot comes with a self-signed certificate and key (copilot-selfsigned.crt, copilot-selfsigned.key). You can upload your own SSL certificate and key.

If you upload your own certificate, you must then go to Settings > Resources > System Health in CoPilot and restart the web service to ensure the uploaded certificate goes into effect.

You should only restart the web service with guidance from Aviatrix Support.

If you are using a Windows Internal CA, the following is an example of the certificate format for the .crt and .key file:

  • SSL Certificate: aviatrixCustomerCertificate → PEM-encoded X509 full-chain certificate

  • SSL Certificate Key: aviatrixCustomerKey → PEM-encoded RSA private key (not encrypted with DES3)

SSL Certificate: aviatrixCustomerCertificate example: :

-----BEGIN CERTIFICATE-----
<root CA cert>
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
<intermediate CA cert>
-----END CERTIFICATE-----

SSL Certificate Key: aviatrixCustomerKey example: :

-----BEGIN RSA PRIVATE KEY-----
<private key>
-----END RSA PRIVATE KEY-----