Select the default internal certificate authority
If you have both an Internal RSA CA for Gateways and an Internal ECDSA CA for Gateways, only one certificate authority can be selected as the default certificate authority.
Only the default certificate authority is used in automated RSA certificate management. You must manually create and renew any certificates that are not signed by the default CA.
CAUTION:
All gateways in the same VPN must support the CA algorithm used by the default certificate authority. Otherwise, VPN communication fails.
For more details about the product and how to configure features, click Help or press F1.
Steps
- Select Configuration, then browse to SD-WAN.
- Browse to .
- Right-click the Internal CA for Gateways that is not currently the default certificate authority, then select .