This article applies to our On-Premise Appliance Filter and Firewall product only, not to Cloud.
This article outlines how to import certificates and Certificate Authorities including the accepted file types.
Important
Some certificate providers sell an intermediate CA for Public Key Infrastructure (PKI) use. Although it is possible to import this and set it as your Default CA to generate Dynamic certificates, this CA won’t work for HTTPS Inspection. If you must use one of these CAs as your Default CA, set a different CA for HTTPS Inspection.
Import a CA from the Certificate authorities page
The quickest way to import a CA is from the Certificate authorities page, but you can also use the Certificates for services page (see the Import a certificate section).
- Go to System > Certificates > Certificate authorities.
Note
You can only import CA .pem files from this page.
- In the Import Certificate Authority certificate section, select Choose File.
- Locate and select the file.
- Select Import CA certificate from PEM.
Import a certificate or CA from the Certificates for services page
- Go to System > Certificates > Certificates for services.
- Select Import.
- Select Choose File.
- Locate and select one or multiple certificates and keys, no matter how many files they're presented in. Accepted formats are:
- DER X.509 certificates (.cer, .der, .crt)
- Base64 (PEM) X.509 certificates (.pem, .b64, .cer, .crt)
- DER PKCS#7 certificates (.p7, .p7b, .p7c)
- Base64 (PEM) PKCS#7 certificates (.p7, .p7b, .p7c)
- DER PKCS#8 certificates (.p8)
- DER PKCS#12 certificates and private keys (.p12, .pfx)
- DER private keys (.key)
- Base64 (PEM) private keys (.key)
- Smoothwall analyses the file for valid certificates and keys.
- If found, you can see these in the Discovered Keys and Certificates section.
- If not found, nothing will show in this section and the file won’t be imported.
- Select Import.