Open with table of contents

Uploading a Certificate Authority certificate

After you have obtained or created a Certificate Authority (CA) certificateClosedA digital means of proving your identity. When you send a digitally-signed message, you are sending your certificate and public key. Certificates are issued by a certification authority and can expire or be revoked., you need to upload it to the Web Gateway. To upload a CA certificate:

  1. Navigate to System > Proxy Settings > Listening Ports.
    The Listening Ports page is where you can find the HTTPS Certificate and Private Key settings.
    2.  

    You can find information regarding the current certificate key and private keyClosedThe secret key kept on the sender's computer that the sender uses to digitally sign messages to recipients and to decrypt messages from recipients. Private keys should be password protected. files under the HTTPS Certificate and Private Key settings page. This summary includes the Distinguished Name (DN), Issuer DN, validation period, and the key algorithm used. You do not need to edit the settings in order to retrieve this information.

    These details are listed in the CA certificate itself, which you will need to edit. Refer to Creating a Certificate Authority certificate for more information.
  2. Click the Click here to change these settings button. Then navigate to and select the Certificate file and / or the Private Key file. These must be PEM files.
  3. Enter the pass phrase and confirm it before clicking Save.
  4. Apply the configuration.
 

If, for any reason, the CA certificate upload fails validation, the Web Gateway displays error or warning messages, detailing why it has failed validation. Potential reasons for failed validation include:

Errors

  • incorrect pass phrase
  • incorrect format or corrupted certificate
  • invalid or expired certificate
  • mismatched certificate and private keys
  • certificate is not a CA certificate

Warnings

  • missing or incorrect key usage

If upload validation has failed on multiple counts, all the reasons are displayed in a single error message, and any warnings are also displayed. If you receive warnings on your CA certificate upload, you can proceed with the upload if you wish. However, if you receive error messages, the errors must be resolved before you can continue.

© 1995–2018 Clearswift Ltd.