What should contain the site certificate

ldelt

Hello, 

we are trying to generate a certificate for Solarwinds NPM and NCM using our own CA.

From my gathering the information should be:

Subject Name

• Common Name

  <Server FQDN>

 

Subject Alt Name

• DNS Name	<server hostname>
  DNS Name	<Server FQDN>

 

Encryption RSA 2048 bit

SHA 256

 

Key Usages:

Purposes

Digital Signature, Key Encipherment, Data Encipherment

Purposes

Server Authentication, Client Authentication

 

 

HTTPS is configured on fresh installs only when a suitable certificate is found on the system.

 

SolarWinds recommends you do not use a self-signed certificate.

 

Recommendations for certificates:

SolarWinds recommends using strong private keys: 2,048 bits for RSA (~112 bits of security) or 256+ bits for ECDSA (128 bits of security).

Sign your certificates with SHA256 or higher

 

• RSA doesn't scale well above 2,048, so after that, ECDSA should be preferred.

• Renew certificates (including private keys) regularly, because revocation mechanisms are not reliable.

• Sign your certificates with SHA256 or higher

So we use the web server template but the certificate isn't seen as valid by Solarwinds.

Why? What is missing?