SSL Certificate

This screen shows the summary of all the CA (Certificate Authority) Certificates. CA Certificates are classified based on their properties as :

SSL Certificate

Signing CA - CA certificates with private key and thus can be used to sign a certificate request.

and

Verifying CA - CA certificates without private key.

Signing CA Certificates are used to sign any new user certificate request created and also to verify tunnel certificates created/uploaded through the VPN -> IPsec -> Tunnels tab.

Verifying CA Certificates are only used to verify tunnel certificates uploaded through the VPN -> IPsec -> Tunnels tab.

Though there can be multiple Verifying CA's , Only one Signing CA is allowed to be created, to create another Signing CA, delete the existing one.

The Tasks subsection allows a particular certificate to be either downloaded or deleted. The certificate can be downloaded as a PEM or as a p12(pkcs#12 file format) file.

When downloading Signing CA as PEM the certificate is compressed and downloaded in tgz format, this file can be decompressed (using any standard decompressing tool like WinZip) to find the Certificate and Private Key of the Signing CA.

● To add SSL Certificate click on button.

● To delete SSL Certificate click on button.