Creating certificates

You can generate certificates in the SMC, then sign the certificate request with tools in the SMC or with an external certificate authority.

TLS Credentials elements represent both certificate requests and signed certificates in the Management Client. When a certificate request has been signed, the TLS Credentials element represents a certificate. In the Configuration view, the State column for the TLS Credentials element shows whether the element represents a certificate request or a signed certificate.

There are three ways to sign certificate requests:

  • Self-sign the certificate request.
  • Sign the certificate request with the Management Server's internal certificate authority.
  • Export the certificate request, sign the certificate request with an external certificate authority, then import the signed certificate.

TLS Credentials elements that represent signed certificates can be used in the properties of several types of elements to secure connections involving those elements.

Table 1. Types of elements where TLS Credentials elements can be used
Element Purpose
Web Portal Server The certificate is used to secure the server’s connections using HTTPS.
Management Server The certificate is used to secure communications between the SMC API client and the Management Server.
SSL VPN Portal The private key and certificate are used to establish SSL connections to the SSL VPN Portal.
SSL VPN Portal Service The private key and the certificate are used in DNS Mapping to establish SSL connections to the service.