The following files are needed:
-
CA root certificate
-
ICG Server certificate signed by the CA
-
ICG server private key
To use a publicly known CA in the UMS:
-
In UMS Console, go to UMS Administration > Global Configuration > Certificate Management > Cloud Gateway.
-
In the Certificates section, click
-
Choose the CA's root certificate file (in PEM format).
The CA's root certificate appears in the list. -
Right-click the CA's root certificate and select Import signed certificate.
-
Click OK.
The signed certificate appears in the list. -
Right-click the signed certificate and select Import decrypted private key.
If the private key is protected with a passphrase you need to decrypt it using the OpenSSL commandline tool: openssl rsa -in encrypted.key -out decrypted.key
-
Choose the decrypted private key file.
The data can now be used to produce a keystore file for the ICG server. -
Right-click the signed certificate and select Export certificate chain in IGEL Cloud Gateway keystore format.
The filekeystore.icgis created. This file will be required for the gateway. -
Save the
keystore.icgfile.