Overview

EST is an automated process for application certificate provisioning using TLS.

Currently, switch does not support certificate enrollment of TPM certificates from server. For manual enrollment and re-enrollment of application certificates, configure the following in the switch:

Configure EST server URL.
Configure application certificate name, usage, and CSR attributes.
Configure enrollment retry interval and the count (recommended).
Configure number of days before certificate expires to initiate re-enrollment (recommended).

For ZTP triggered EST enrollment of application certificates, Aruba central sends configuration template to EST server.

With this enhancement, you can now install certificates sent by the server for both Syslog and RadSec applications.