Kemp Support, how can we help?

The latest application delivery knowledge and expertise at your fingertips.

How to Import and Install a Certificate to a Virtual Service

Information

Summary:

How to Import and Install a Certificate to a Virtual Service

Environment:

Product: LoadMaster, ECS Connection Manager

Version: Any

Platform: Any Virtual Platforms

Application: HTTPS Web Applications

Question/Problem Description:

What steps do I need to perform to in order to import a certificate and apply the certificate to my virtual service

Steps to Reproduce:  
Error Message:

 

 

Defect Number:  
Enhancement Number:  
Cause:  
Resolution:

When SSL offloading or Re-encryption is enabled for a Virtual Service, we need to import and apply a certificate to that Virtual Service.

To import a certificate to Kemp WUI, please implement the following steps:

  1. In the main menu, select Certificates & Security > SSL Certificates
  2. Under Manage Certificates, Select > Import Certificatesmceclip1.png
  3. To install a certificate, the certificate can  be .pfx, .pem or .cer file format. 
  4. To install a certificate with a PFX or PKCS#12 format:-
    1. Select > Certificate File & choose Certificate with .pfx and .p12 file type. PFX files can have the extensions .pfx and .p12
    2. Ignore the Key File (optional) field if the .pfx and .p12 Certificate contains/includes the private key.
    3. If .pfx and .p12 Certificate File does not contain the private key, please select > Key File (optional) & choose the private key created/linked to this certificate. Note. The Key File format needs to be saved as a .key file type.
    4. Enter password in the Pass Phrase field if there is a password assigned with this .pfx and .p12 certificate when generated. 
    5. Select a name to identify your certificate on the Kemp WUI and enter the value into the Certificate Identifier field.mceclip3.png
    6. Select Save. PFX or PKCS#12 Certificate is now uploaded to the Kemp WUImceclip5.png
  5. To install a certificate with a .PEM format
    1. Select > Certificate File & choose Certificate with .pem file type.
    2. Ignore the Key File (optional) if the .pem Certificate contains/includes the private key.
    3. If .pem Certificate File does not contain the private key, please select > Key File (optional) & choose the private key created/linked to this .pem certificate. Note. The Key File format needs to be saved as a .key file type.
    4. Enter the password in the Pass Phrase field if there is a password assigned with this .pem certificate when generated. 
    5. Select a name to identify your certificate on the Kemp WUI and enter the value into the Certificate Identifier field.mceclip6.png
    6. Select Save.PEM Certificate is now uploaded to the Kemp WUImceclip7.png
  6. To install a certificate with a .CER format
    1. Select > Certificate File & choose Certificate with .cer file type.
    2. A .cer file can be in binary (ASN.1 DER) or encoded with Base-64 with header and footer included (PEM)
    3. The .cer Certificate File does not contain the private key, please select > Key File (optional) & choose the private key created/linked to this .cer certificate. Note. The Key File format needs to be saved as a .key file type.
    4. Enter the password in the Pass Phrase field if there is a password assigned with this .cer certificate. 
    5. Select a name to identify your certificate on the Kemp WUI and enter the value into the Certificate Identifier field.mceclip8.png
    6. Select Save.CER Certificate is now uploaded to the Kemp WUImceclip10.png
  7. Select Certificates & Security > SSL Certificates
  8. Identify the Certificate that was uploaded. 
  9. Select the Available VSs under Assignment that you want to assign the certificate to & select/move the Available VS to Assigned VS using the > Button. Once the Assigned VS has been selected with your certificate, select Save Changes.mceclip11.png
  10. The Virtual Service with SSL offloading or Re-encryption configured has now been applied with you new Certificate. Note. If you do not see your Virtual Service listed under Available VSs, the Virtual service in questions is not configured for SSL offloading or Re-encryption. 
Workaround:  
Notes:

https://support.kemptechnologies.com/hc/en-us/articles/203125829-SSL-Accelerated-Services


Comments