Create and Import a Custom Certificate or Certificate Signing Request

You can use the GUI to generate a self-signed certificate or a certificate signing request (CSR). You can then import a certificate authority (CA) signed custom certificate.
NOTE: If you already have a custom certificate and you add another one, the add operation becomes a replace operation and replaces your current custom certificate.
  1. From the GUI, select AdministrationSecuritySSL Certificate.
  2. From the SSL Certificates and Signing Request page, click the plus (+) icon to add a certificate.
  3. Under Certificate Actions, use the drop-down list to select the operation you want to perform.
    The list provides you with the following options:
    1. Generate a self-signed custom certificate
    2. Generate a certificate signing request (CSR)
    3. Install a CA (certificate authority) signed certificate
    4. Import a trusted certificate
    5. Install a custom PKCS12 bundle.
      NOTE: The array supports only RSA certificates. If your PKCS12 bundle does not contain an RSA private key, generate a new PKCS#12 file using an RSA private key.
  4. Enter the required information.
    For the first two options in the Step 3 list, you can provide the following:
    • The certificate information including the number of days the certificate will be valid
    • The FQDN list
    • The IP address
    NOTE: If you do not specify values for these fields, then the default values are used to generate the CSR or self-signed custom certificate.
    For the third option, You must paste in the CA Certificate chain and the signed certificate. Use PEM format for this information.
    For the fourth option, enter the name of the certificate and check the button that specifies the method you want to use to provide the certificate chain.
    For the last option, use the Choose File browse option to locate the PKCS12 bundle. You can enter a password; however, you can create a bundle without a password and import it. For security purposes, it is a good practice to always create the bundle with a password.
    NOTE: The file that you upload must contain the entire certificate chain. If it does not, an error occurs.
  5. Select Save.