Managing Installed Certificates
Quantum Spark 1500, 1600 and 1800 Appliance Series R80.20.40 Locally Managed Administration Guide | 246
Managing Installed Certificates
On the Installed Certificates page, you can create and manage appliance certificates or upload a P12
certificate. Uploaded certificates and the default certificates are displayed in a table. To see certificate
details, click the certificate name.
You can upload a certificate signed by an intermediate CA or root CA. All intermediate and root CAs found in
the P12 file are automatically uploaded to the trusted CAs list.
Note - This page is available from the Device and VPN tabs.
On the VPN Remote Access Blade Control page, after you enable the SSL VPN feature, you can select
and assign a certificate from the list of the installed certificates (with the exception of the Default Web Portal
certificate). You can also do this on the Remote Access Advanced tab.
On the Device > Device Details page, you can select and assign a Web portal certificate from the list of
installed certificates (with the exception of the Default certificate).
Installed certificates are used in site-to-site VPN, SSL VPN, and the Web portal.
When Cloud Services is turned on and the appliance is configured by Cloud Services, the Cloud Services
Provider certificate is downloaded automatically to the appliance. The Cloud Services Provider certificate is
used by community members configured by Cloud Services. Note - If you turn Cloud Services off, the Cloud
Services Provider certificate is removed.
These are the steps to create a signed certificate:
1. Create a signing request.
2. Export the signed request (download the signing request from the appliance).
3. Send the signing request to the CA.
4. When you receive the signed certificate from the CA, upload it to the appliance.
To create a new certificate to be signed by a CA:
1. Click New Signing Request.
2. Enter a Certificate name.
3. In the Subject DN enter a distinguished name (e.g. CN=myGateway).
4. Optional: - Click New to add alternate names for the certificate.
Select the Type, enter the Alternate name and click Apply.
5. Click Generate.
The new signing request is added to the table and the status shows "Waiting for signed certificate".
Note - You cannot edit the request after it is created.
If the new signing request is signed by the Internal CA and the Organization Name is not defined in the DN,
the Internal CA automatically generates the Organization Name.
To export the signing request:
Click Export.
To Next Page
Loading...
Need help?
General
