certificate
Note: The following commands are only available when VDOMs are enabled. Any certificate uploaded to a VDOM is only accessible to that VDOM. Any certificate uploaded to the Global VDOM, it is globally accessible by all VDOMs.
Use these commands to configure per-VDOM global certificate settings.
The process for obtaining and installing certificates is as follows:
- Use the
execute vpn certificate local
command to generate a CSR. - Send the CSR to a CA.
The CA sends you the CA certificate, the signed local certificate and the CRL.
- Use the
certificate local
command to install the signed local certificate. - Use the
certificate ca
command to install the CA certificate. - Use the
certificate crl
command to install the CRL.
Depending on your terminal software, you can copy the certificate and paste it into the command. The local certificate can update automatically from a Simple Certificate Enrollment Protocol (SCEP) server.
To configure certificates outside of VDOMs, use the config vpn certificate ca, crl, and local commands.
This section includes syntax for the following commands: