Adding service certificates to an edge gateway makes those certificates available for use in the edge gateway's VPN-related settings. If the edge gateway for your vCloud Director organization virtual datacenter has been converted to an advanced edge gateway, you can add a service certificate to the tenant portal's Certificates screen.

Prerequisites

Verify you have the service certificate and its private key in PEM format. In the user interface, you can either paste in the PEM data or browse to a file that contains the data and is available in your network from your local system.

For the ability to use the vCloud Director tenant portal to work with an edge gateway's settings, the edge gateway must have already been converted to an advanced edge gateway using the Convert to Advanced Gateway action on the edge gateway in the vCloud Director Web console. See the vCloud Director Administrator's Guide for details.

Procedure

  1. Launch the tenant portal using the following steps.
    1. Log in to the vCloud Director Web console and navigate to the edge gateway.
    2. Right-click the name of the edge gateway and click Edge Gateway Services in the context menu.

      The tenant portal opens in a new browser tab and displays the Edge Gateway screen for that edge gateway.

  2. Click the Certificates tab.
  3. Click + SERVICE CERTIFICATE.
  4. Input the service certificate's PEM-formatted data.
    • If the data is in a PEM file on a system you can navigate to, click the import button to browse to the file and select it.

    • If you can copy and paste the PEM data, paste it into the Service Certificate (PEM format) field. Include the -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- lines.

  5. Input the certificate's private key's PEM-formatted data.
    • If the data is in a PEM file on a system you can navigate to, click the import button to browse to the file and select it.

    • If you can copy and paste the PEM data, paste it into the Private Key (PEM format) field. Include the -----BEGIN RSA PRIVATE KEY----- and -----END RSA PRIVATE KEY----- lines.

  6. Type in a private key passphrase and confirm it.
  7. (Optional) Type an optional description.
  8. ClickKeep.

Results

The certificate with type Service Certificate appears in the on-screen list. This service certificate is now available for you to select when you configure the edge gateway's VPN-related settings.