Your Browser is Out of Date

Nytro.ai uses technology that works best in other browsers.
For a full experience use one of the browsers below
Concepts Guide—Dell EMC Integrated System for Microsoft Azure Stack Hub
Executive Summary Solution Overview Prerequisites
Environmental requirements
Power distribution unit (PDU) power-drop requirements
Azure connection, identity store, and billing-model decisions
Choosing connection options and identity store
Features that are impaired or unavailable in disconnected mode
Required customer-provided security certificates
Mandatory certificates
Optional PaaS certificates
Certificate requirements and validation
License requirements
Azure Stack Hub endpoints and customer port requirements
Hardware Infrastructure Networking and Cabling Operations and Management Software Security Maintaining the Solution Backup and Recovery Conclusion License Retrieval Dell Technologies Support and Consulting Offerings Revisions

Optional PaaS certificates

Optional PaaS certificates

  • Note All certificates that are listed in this section must have the same password.

    If you plan to deploy the additional Azure Stack Hub PaaS services (SQL, MySQL, and App Service) after Azure Stack Hub has been deployed and configured, you must request additional certificates to cover the endpoints of the PaaS services.

    Note: The certificates that you use for SQL, MySQL, and App Service resource providers must have the same root authority as those certificates used for the global Azure Stack Hub endpoints.

    The following table describes the endpoints and certificates that are required for the SQL and MySQL adapters and for App Service. You do not need to copy these certificates to the Azure Stack Hub deployment folder. Instead, provide these certificates when you install the additional resource providers.

    Table 17.           Certificates and endpoints for additional PaaS services

    Certificate

    Scope
    (per region)

    Required certificate subject and SANs

    Subdomain namespace

    SQL and MySQL

    SQL, MySQL

    *.dbadapter.<region>.<fqdn>

    (Wildcard SSL Certificate)

    dbadapter.<region>.<fqdn>

    Web Traffic Default SSL Cert

    App Service

    *.appservice.<region>.<fqdn>

    *.scm.appservice.<region>.<fqdn>

    *.sso.appservice.<region>.<fqdn>

    (Multi Domain Wildcard SSL Certificate)

    appservice.<region>.<fqdn>

    scm.appservice.<region>.<fqdn>

    API

    App Service

    api.appservice.<region>.<fqdn>

    (SSL Certificate)

    appservice.<region>.<fqdn>

    scm.appservice.<region>.<fqdn>

    FTP

    App Service

    ftp.appservice.<region>.<fqdn>

    (SSL Certificate)

    appservice.<region>.<fqdn>

    scm.appservice.<region>.<fqdn>

    SSO

    App Service

    sso.appservice.<region>.<fqdn>

    (SSL Certificate)

    appservice.<region>.<fqdn>

    scm.appservice.<region>.<fqdn>

    Notes

    Multi Domain Wildcard SSL Certificate—Requires one certificate with multiple wildcard SANs. Not all Public Certificate Authorities support multiple wildcard SANs on a single certificate.

    SSL Certificate—An *.appservice.<region>.<fqdn> wildcard certificate cannot be used in place of the following certificates: (api.appservice.<region>.<fqdn>, ftp.appservice.<region>.<fqdn>, and sso.appservice.<region>.<fqdn>. Appservice explicitly requires the use of separate certificates for these endpoints.

    For more information about the public key infrastructure (PKI) certificates that are required to deploy Azure Stack Hub and how to obtain them, see Azure Stack Hub public key infrastructure certificate requirements on the Microsoft website.