Upload certificates

Certificates must be uploaded to Access Gateway before they can be associated with applications.

 

These steps show how the command line console can be upload user supplied certificate.

Info

Note

User supplied certificates are normally issued and signed by a trusted CA, but can also be a self-signed.

  1. Using SSH connect to the Access Gateway Management console. For a complete list of command line console command see Command Line Management Console reference.
  2. Enter 2 to enter the Services sub-menu.

  3. Enter 1 to enter the NGINX sub-menu.

  4. Enter 6 to update an SSL certificate.
    All existing certificates will be displayed and will resemble:

    Available Certificates:
    -----------------------
    [1] admin.crt
    [2] gateway_info.crt
    [3] localhost.crt
    . . . 
    [a] Add new certificate
    [x] Exit
    [#, a, x]: 
    

  5. Select a command to perform:

    1. x - Exit the add/modify certificates sub-menu.
    2. a - Add a new certificate.
    3. # - Modify an existing certificate.

Add a new certificate

Certificates are added via cut and paste operations.

Info

Note

Both the certificate and the key must be in PEM format.

Info

Note

Depending on your OS the command sequence for copy/paste may be different.
This applies only to copy/paste operations and not completing the entry of certificate contents.

  1. In a text editor open the new certificate file.
  2. Within the editor select and copy the contents of the certificate file.
  3. Return to the command line console and paste the certificate file contents.
  4. Press [ctrl][d] to save the certificate contents.
    Info

    Note

    The command line console will then open a new editor for the certificates associated key contents.

  5. In a text editor open the key file.
  6. Within the editor select and copy the contents of the key
  7. Return to the command line console and paste the key file contents.
  8. When complete, press [ctrl][d] to save the key contents.
Info

Note

The hostname and certificate type will be pulled automatically for the certificate.

If an existing certificate is being updated, a prompt showing A certificate for this domain already exists, do you wish to replace it? [Y,N] will be presented. To proceed with the certificate update, press the y , followed by Enter.

Modify an existing certificate

When modifying an existing certificate you will be presented with three options:

  • [d] - Delete certificate
  • [u] - Update certificate
  • [x] - Return without change.

To exit without change enter x.

To update a certificate, enter u.
Follow the prompts to copy and paste the replacement certificates key and certificate file, both of which must be in PEM format.

To delete a certificate, enter d.
Follow the prompt to confirm the delete or cancel.

Next steps