Using a Publicly Known CA in UMS
The following files are needed:
- CA root certificate
- ICG Server certificate signed by the CA
- ICG server private key
To use a publicly known CA in the UMS:
- In UMS Console go to UMS Administration > Global Configuration > Cloud Gateway Options.
- In the Certificates section, click to import the root certificate.
- Choose the CA's root certificate file (in PEM format).
The CA's root certificate appears in the list.
- Right-click the CA's root certificate and select Import signed certificate.
- Click OK.
The signed certificate appears in the list.
- Right-click the signed certificate and select Import decrypted private key.
If the private key is protected with a passphrase you need to decrypt it using the OpenSSL commandline tool:
openssl rsa -in encrypted.key -out decrypted.key
- Choose the decrypted private key file.
The data can now be used to produce a keystore file for the ICG server.
- Right-click the signed certificate and select Export certificate chain in IGEL Cloud Gateway keystore format.
The file keystore.icg is created. This file will be required for the gateway.
- Save the keystore.icg file.