Adding service certificates to an edge gateway makes those certificates available for use in the VPN-related settings of the edge gateway. You can add a service certificate to the Certificates screen.

Prerequisites

Verify that you have the service certificate and its private key in PEM format. In the user interface, you can either paste in the PEM data or browse to a file that contains the data and is available in your network from your local system.

Procedure

  1. Open Edge Gateway Services.
    1. From the top navigation bar, select Resources, and click the Cloud Resources tab.
    2. In the left panel, click Edge Gateways.
    3. Click the radio button next to the name of the target edge gateway, and click Services.
  2. Click the Certificates tab.
  3. Click Service certificate.
  4. Input the PEM-formatted data of the service certificate.
    • If the data is in a PEM file on a system you can navigate to, click the Upload button to browse to the file and select it.
    • If you can copy and paste the PEM data, paste it into the Service Certificate (PEM format) field.

      Include the -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- lines.

  5. Input the PEM-formatted data of the certificate private key.
    When FIPS mode is on, RSA key sizes must be greater or equal to 2048 bits.
    • If the data is in a PEM file on a system you can navigate to, click the Upload button to browse to the file and select it.
    • If you can copy and paste the PEM data, paste it into the Private Key (PEM format) field.

      Include the -----BEGIN RSA PRIVATE KEY----- and -----END RSA PRIVATE KEY----- lines.

  6. Enter a private key passphrase and confirm it.
  7. (Optional) Enter a description.
  8. Click Keep.

Results

The certificate with type Service Certificate appears in the on-screen list. This service certificate is now available for you to select when you configure the VPN-related settings of the edge gateway.