Solutions

Importing a certificate generated by other devices for intercepting reverse proxy

Solutions ID:    KB4155
Version:    1.0
Status:    Published
Published date:    11/04/2010
 

Problem Description

You want to configure a reverse proxy deployment using a certificated generated on a backend server and submitted to the CA for signing. You must import the certificate onto the ProxySG.

Resolution

1. Make sure you have the following ready:

> Private key of the certificate. This should be in the PEM format (when you open this in a notepad, it should begin with "BEGIN RSA PRIVATE KEY" and end with "END RSA PRIVATE KEY").

> The certificate. This should be in the PEM format (when you open this in a notepad, it should begin with "BEGIN CERTIFICATE" and end with "END CERTIFICATE").

> SSL license on the SG.

 

2. Create a new keyring, making sure to select the 'Import keyring' option as described in the following steps:

Go to Configuration > SSL > Keyrings > Click on the "Create" button.

Enter a name for the keyring.

Select the following options:

- Show keypair

- Import keyring

Copy the private key into the "Keyring" text box.

Select the "Keyring password" option box and enter the private key password (if any).

Click OK.

Click Apply.

 

3. Import the certificate into the new keyring:

Highlight the new keyring that you created in Step 2 above.

Click the "Edit" button.

Under the "Certificate" section, click the "Import" button.

Copy the certificate into the "Import certificate" text box.

Click OK.

Click Close.

Click Apply.

 

4. Choose the keyring that you created above under the 'HTTPS Reverse Proxy' for the backend server.

Go to Configuration >  Services > Proxy Services > Edit the service (with the assumption that the 'HTTPS Reverse Proxy' service already been created).

Under the 'Proxy settings' section > Keyring >  Choose the keyring that you created on the steps above.

Click OK.

Click Apply.


Rate this Page

Please take a moment to complete this form to help us better serve you.

Did this document help answer your question?
 
 
If you are finished providing feedback, please click the RATE CONTENT button. Otherwise, please add more detail in the following text box and then click RATE CONTENT.
 
 

Your response will be used to improve our document content.

Ask a Question