Knowledgebase
How to install a third party Certificate in 2x Server 10.5
Posted by Rupert Newton on 10 April 2013 01:49 PM

How to Install a Third Party Certificate into the 2x Server:

  • These directions are for the case where you are only using one Cert for the 2x Server. The 2x Server will use an Apache type Certificate.
  • If you want to put the same Cert on IIS for the 2x Web Portal, you will have to use the old method: requesting an IIS cert, installing it in IIS, exporting a copy in pfx format, converting it to PEM and placing the single key generated in the Private Key and Public Key Field.
  • The Third Scenario might be, you purchase 2 Separate Certs: one for IIS, and another Apache one for the 2x Gateway to use.
  • One other importatant note, the trusted.pem file on the 2x client side, must have the intermediate Certificate in its contents to be able to verify the cert from the third party vendor.  If the Intermediate Certificate for the vendor is not in the trusted .pem file you will have to paste it in manually, or create a trusted.pem template file with the proper Intermediate Certificates in its contents and then replace the old trusted.pem file with this newly updated one. This file resides in program files\2x or program files(x86)\2x on the client side.

Go to the 2x console > farm > gateway > ssl tab

Choose your SSL settings choices SSL v3, etc.

Choose CSR

Fill in the data

Copy and paste the CSR into notepad and save the file for your records.

Paste the CSR into the Vendors Website page or email it to the vendor.

Request a return Certificate in the following format: Apache, all in one single file ( which has the private, public and intermediate CA all in one file ), with the pem extension.

When you receive this file, place it in a secure folder for back up retrieval.

 Click the Import Public Key button, and browse to this folder or a secondary location where you have a copy of the single all in one cert and insert this pem file into the Certificate key field.

 Clicks apply and test. Note: The private key should already be populated from your initial CRS request.

(1 vote(s))
Helpful
Not helpful

Comments (0)
Post a new comment
 
 
Full Name:
Email:
Comments: