Upload Certificate/Keys

Certificates and paired keys can be uploaded to the DSG.

Click Upload option in the Certificates tab to upload the certificate.

After clicking Upload Certificate, you can either upload a key or a certificate. When you upload a certificate, the password field does not appear.

After you click Choose File to select the key file, you must click Upload Certificate. Enter the password, and then click Upload Certificate again.

It is recommended that upload of any certificate or key is performed on the ESA. If the certificate is uploaded to a DSG node and configurations is deployed from ESA, then the changes made on the DSG node are overwritten by the configuration pushed by the ESA.

Note: Ensure that the passphrase for any key that is uploaded to the DSG Web UI is of minimum 8 character length.

If the key you uploaded is an encrypted private key, then you must enter the password for the key.

If the key you uploaded is a non-encrypted private key, an option is presented to encrypt the private key. If you select the option, you must provide a password that the DSG uses to encrypt the non-encrypted private key before it is stored internally.

The following figure illustrates the Upload Cerficate/Key screen

The following table describes the available options:

CalloutColumn/Textbox/ButtonDescriptionNotes
1Choose FileSelect certificate and key files to upload.You cannot upload multiple files in an instance. You must first upload the certificate file, and then the paired .key file. If you upload unpaired keys or certificates, then they are not displayed on the Certificate screen.
2*Do you want to encrypt the private keySelect the check box to encrypt a non-encrypted private key. If you clear the check box, then the private key will be uploaded without encryption.It is recommended that any non-encrypted private is encrypted when uploaded to the DSG.
3*PasswordEnter the password for an encrypted private key. For a non-encrypted private key, provide a password that will be used to encrypt the key.The DSG supports ASCII passwords for keys. If your private key is encrypted with any other character password, then ensure that it is changed to an ASCII password.
4*Confirm PasswordRe-enter the password
5Upload CertificateUpload the certificate or .key file.If you upload a private key without an extension, then ensure that you append the .key extension to the key.
*-Appears only when a key is uploaded.
Last modified January 21, 2025