Export
a Certificate for a Peer to Access Using Hash and URL
IKEv2 supports Hash and URL Certificate Exchange as
a method of having the peer at the remote end of the tunnel fetch
the certificate from a server where you have exported the certificate.
Perform this task to export your certificate to that server. You
must have already created a certificate using
Device
Certificate Management
.
Select
Device
Certificates
, and if your platform
supports multiple virtual systems, for
Location
,
select the appropriate virtual system.
On the
Device Certificates
tab,
select the certificate to
Export
to the server.
The status of the certificate should be valid, not expired.
The firewall will not stop you from exporting an invalid certificate.
For
File Format
, select
Binary
Encoded Certificate (DER)
.
Leave
Export private key
clear.
Exporting the private key is unnecessary for Hash and URL.