The following files are needed:

  • CA root certificate
  • ICG Server certificate signed by the CA
  • ICG server private key

To use a publicly known CA in the UMS:
  1. In UMS Console go to UMS Administration > Global Configuration > Cloud Gateway Options.
  2. In the Certificates section, click cert-icon_0_2 to import the root certificate.
  3. Choose the CA's root certificate file (in PEM format).
    The CA's root certificate appears in the list.
  4. Right-click the CA's root certificate and select Import signed certificate.
  5. Click OK.
    The signed certificate appears in the list.
  6. Right-click the signed certificate and select Import decrypted private key.
    If the private key is protected with a passphrase you need to decrypt it using the OpenSSL commandline tool: openssl rsa -in encrypted.key -out decrypted.key
  7. Choose the decrypted private key file.
    The data can now be used to produce a keystore file for the ICG server.
  8. Right-click the signed certificate and select Export certificate chain in IGEL Cloud Gateway keystore format.
    The file keystore.icg is created. This file will be required for the gateway.
  9. Save the keystore.icg file.