Tag Archives: signed certificate

Verify Order of Signed Certificates for UAA + BOSH

In a previous article (https://www.starkandwayne.com/blog/bosh-uaa-with-signed-certificates/) we discovered how to add a multiple/intermediate level signed certificates to UAA on BOSH. Recently I discovered one of my deployments had the certs in the wrong order and a kind gentleman named Thilak showed me how to verify the order of certificates is correct. While the bosh_cli didn’t complain

BOSH + UAA with Signed Certificates – Part I

Pivotal has done a great job with documenting adding UAA as the authentication and authorization for BOSH instead of relying on local BOSH accounts. This allows you to later integrate with LDAP or SAML later on. The instructions have you generate a series of unsigned certs which works great except now you have to use