Import a Certificate for IKEv2 Gateway Authentication
Perform this task if you are authenticating
a peer for an IKEv2 gateway and you did not use a local certificate
already on the firewall; you want to import a certificate from elsewhere.
This
task presumes that you selected
Network
IKE Gateways
, added a gateway,
and for
Local Certificate
, you clicked
Import
.
Import a certificate.
Select
Network
IKE Gateways
,
Add
a gateway,
and on the
General
tab, for
Authentication
,
select
Certificate
. For
Local
Certificate
, click
Import
.
In the Import Certificate window, enter a
Certificate
Name
for the certificate you are importing.
Select
Shared
if this certificate
is to be shared among multiple virtual systems.
For
Certificate File
,
Browse
to
the certificate file. Click on the file name and click
Open
,
which populates the
Certificate File
field.
For
File Format
, select one
of the following:
Base64 Encoded Certificate (PEM)
—Contains
the certificate, but not the key. It is cleartext.
Encrypted Private Key and Certificate (PKCS12)
—Contains
both the certificate and the key.
Select
Import private key
if
the key is in a different file from the certificate file. The key
is optional, with the following exception: