Add User Certificates

Parent Previous Next

Add User Certificates



This screen helps in creating/uploading CA Certificates.


Creating CA Certificate: (Signing CA)


Create User Certificates


            Only one CA Certificate can be created, to create another CA delete the existing one.


To create CA certificate, the following information is needed:


Certificate Name: A unique name to identify the CA Certificate.

Valid upto: The date till which the CA is valid, after which the certificate Expires.

Key Length: The encryption key size, more the Key length, more processing power is required.

Password: The password/passphrase of the CA

LocalID: The Local Identifier for the Certificate, helps the firewall to identify the Certificate.

Common Name: Common name is a mandatory bit of uniquely identifying data, such as your host's FQDN or your name.


Please be sure that the fields marked unique are kept unique, else certificate will not be created.




Uploading CA Certificate: (Verifying CA)


Upload User Certificates


A Certificate can be uploaded as a .p12 file or as certificate+key (pem+req or pem+pem) file. These Certificates are stored as Verifying CA's.


The following information need to be given along with the uploaded file.


Certificate Name: The name of the certificate you wish to give. (please note the name should only consist of alphanumeric characters, other characters are disallowed)

CA Certificate Format: The format of the file you are uploading (either .p12 or .pem).

CA Certificate File: If the Certificate Format above is selected as PKCS12 Format, then upload the .p12 file here, else if the Certificate Format is set to PEM Format, then upload the certificate file of the pem pair here.

CA Certificate PKCS12 PassPhrase: Provide the pkcs12 passphrase for the .p12 file, and for PEM Format leave this field blank

CA Key File: If PKCS12 Format is selected, leave this field blank, If PEM Format is selected, you can upload the key file here. This field is optional.

CA Key PassPhrase: Please provide the key file's passphrase, if the key file is uploaded.