Can anyone sugegst me the steps to upload the new certificate into SSL VPN?
Very straightforward - you select "Configuration"/"Certificates"/"Device Certificates" - Select "New CSR" to generate the certificate signing request.
Then when you get the certificate back you select "Import Certificate and Key" to bring the cert in. You have some option depending on exactly how the cert was generated.
This will obviously replace the self signed cert that you established during the initial configuration. You can also have multiple certs if you have multiple domain names on your SSL box. Those map to virtual ports that are defined under network settings.
Oh yeah - that to
i did exactly what told in here, and on the admin guide.
fr example my domain on the initial config is, "ssl.domain.com" and there is a certificate on the device for it, which is not signed,
i want to replace that with a valid signed cert so that,
i created a CSR, and send it to the CA and they send me back a file with the extension ".cer" than when i try to import it to the pending CSR part, it says unknown CSR format.
i couldnt import my cert..
any one can help?
edit: if i try to add the certification from the, "import certification and key" menu it says : Could not read certification format.
ps: i didnt want to repost on the same topic, so if this is a topic hijacking, i am deeply sorry and please let me know, i will repost immediately..
thanks in advance..
I am not 100% on this but i did run into a similar issue and i think renaming the file from .cer to .crt fixed it
The following KB was created for this scenario: http://kb.pulsesecure.net/InfoCenter/index?page=conten
If I want to replace an existing ssl certificate say for heart bleed remediation, should I request a new csr or renew the existing certificate?
I'm unsure how to approach the change at this time.
The existing certificate is an express certificate; I would like to at least bump it up to a non-express certificate when I do replace the certificate.
Should I use the renew option to accomplish this or new csr?
Once the csr has been issued, will this immediately break the existing ssl certificate?