After you generate a Certificate Signing Request (CSR) and obtain the CA-signed certificate based on that CSR, you can import the CA-signed certificate to use it by your edge gateway.

Prerequisites

Verify that you obtained the CA-signed certificate that corresponds to the CSR. If the private key in the CA-signed certificate does not match the one for the selected CSR, the import process fails.

Procedure

  1. Open Edge Gateway Services.
    1. Navigate to Networking > Edges.
    2. Select the edge gateway to edit, and click Services.
  2. Click the Certificates tab.
  3. Select the CSR in the on-screen table for which you are importing the CA-signed certificate.
  4. Import the signed certificate.
    1. Click Signed certificate generated for CSR.
    2. Provide the PEM data of the CA-signed certificate.
      • If the data is in a PEM file on a system you can navigate to, click the Upload button to browse to the file and select it.
      • If you can copy and paste the PEM data, paste it into the Signed Certificate (PEM format) field.

        Include the -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- lines.

    3. (Optional) Type a description.
    4. Click Keep.
      Note: If the private key in the CA-signed certificate does not match the one for the CSR you selected on the Certificates screen, the import process fails.

Results

The CA-signed certificate with type Service Certificate appears in the on-screen list.

What to do next

Attach the CA-signed certificate to your SSL VPN-Plus or IPsec VPN tunnels as required. See Configure SSL VPN Server Settings and Specify Global IPsec VPN Settings.