Assigning Externally Created Private Keys to TLS Contexts
The following procedure describes how to assign an externally created private key to a TLS Context.
|
➢
|
To assign an externally created private key to a TLS Context: |
|
1.
|
Obtain a private key in either textual PEM (PKCS #7) or PFX (PKCS #12) format (typically provided by your security administrator). The file may be encrypted with a short pass-phrase. |
|
3.
|
In the table, select the required TLS Context, and then click the Change Certificate link located below the table; the Change Certificates page appears. |
|
4.
|
Scroll down to the Upload Certificate Files From Your Computer group. |
|
a.
|
(Optional) In the 'Private key pass-phrase' field, enter the password (passphrase) of the encrypted private key file. The default passphrase is "audc". The passphrase can be up to 32 characters. If there is no passphrase, leave the field blank. |
The passphrase cannot be configured with wide characters.
|
b.
|
Load the private key file (see Step 1), by selecting it using the Browse button corresponding to the 'Send Private Key file ...' text, and then clicking Load File. |
|
c.
|
If your security administrator has provided you with a device certificate file, load it by selecting the file using the Browse button corresponding to the 'Send Device Certificate file ...' text, and then clicking Load File. |
The loaded private key file must match the loaded device certificate file.
|
5.
|
After the files successfully load to the device, save the configuration with a device reset. |
|
6.
|
Verify that the private key is correct: |
|
a.
|
Open the TLS Contexts table. |
|
b.
|
Select the required TLS Context index row. |
|
c.
|
Click the Certificate Information link located below the table. |
|
d.
|
Make sure that the 'Status' field displays "OK"; otherwise (i.e., displays "Does not match certificate"), consult with your security administrator: |
