Like the majority of server systems you will install your SSL certificate on the same server where your Certificate Signing Request (CSR) was created. Your private key will always be left on the server system where the CSR was originally created. Your SSL certificate will not work without this private key file. We will assume that this is the original system.
To Install your SSL certificate on F5 FirePass perform the following.
Step 1: Downloading your SSL Certificate & its Intermediate CA certificate:
- If you had the option of server type during enrollment and selected Other you will receive a x509/.cer/.crt/.pem version of your certificate within the email. Alternately you can access your Certificate User Portal by the supplied link in the email to pick up the x509 version of your certificate.
- Copy the SSL certificate and make sure to copy the —–BEGIN CERTIFICATE—– and —–END CERTIFICATE—– header and footer Ensure there are no white spaces, extra line breaks or additional characters.
- Use a plain text editor such as Notepad, paste the content of the certificate and save it with extension .txt.
- If your intermediate CA certificate for your product is not in the body of the email you can access your Intermediate CA also in a link within that email. Copy and paste the contents of your Intermediate CA into its own Notepad file and save it with a .txt extension also.
Note: Some CAs may require two intermediates for best compatibility. These two are to be copied within their own corresponding .txt files and installed one at a time in a repeated process for intermediate installation.
Step 2: Installing your SSL Certificate & Intermediate CA:
- Open the Admin Console.
- Click Server.
- Click Security.
- Select the Certificate link.
- Select Install.
- Select Add New Certificate.
- Under the new certificate box copy and paste the entire contents of your SSL certificate .txt into the field.
- Under the cryptographic key box copy and paste or browse to the location and path of the private key that you created when you generated your CSR (new.key).
- Enter the password that was used when creating the CSR. If there was no password used, you can leave this field blank.
- Under Optionally, put your intermediate certificate chain here (in the PEM format). Copy and paste your Intermediate CA.
- Click Go to complete the installation.
Step 3: Associating your new SSL Certificate to a web service:
- In the navigation pane, click Device Management, expand Configuration, and click Network Configuration. The IP Configuration screen opens.
- Click the Web Services tab.
- In the Web Server Configuration table, click the Configure link for a service that has SSL enabled.
The web services that are SSL-enabled contain the text SSL in the Use SSL column of the table
- From the Certificate list, select your newly installed certificate and key.
Note: You can view details about each certificate on the SSL Server Certificate screen. To access the screen, from the Web Services screen, click the Configure SSL Certificates link.
- Click Update.
- When you are finished, click the Finalize tab at the top of the page and follow the instructions to put the changes into effect.
You have installed your SSL certificate and it should now be configured for your website.
If you are unable to use these instructions for your server, Acmetek recommends that you contact either the vendor of your software or the hosting organization that supports it.
For more information refer to F5