Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
Contributor

Import P12 Certificate

Hi there,

We're merging a R80.20 into a R80.30 SMS, the number of rules on the R80.20 is low -around 40 rules- so we're doing it via a simple script to create the objects/groups etc. which we don't have any issue with

The R80.20 is managing a single gateway used for remote access, the certificate used on it, is generated by the customer own CA server (we got a trusted root, subordinate and then the certificate).

We did export it using the command export_p12, though how shall we import it into the R80.30 SMS?

Obviously import_p12 command doesn't exist, looked around but couldn't find any leads

Cheers

Ps: we could've re-created the certificate on R80.30 from scratch, but we're trying to avoid the fingerprint warning window upon users trying to connect.

0 Kudos
3 Replies
Highlighted
Admin
Admin

Pretty sure this is done on the relevant gateway object in SmartConsole.
You may also need to create an OPSEC CA object for the relevant CA as well, requiring the public CA key.
0 Kudos
Highlighted
Contributor

Thanks Dameon,

We managed to import the Root CA and its subordinate with no issue (click on the trusted certificate --> from OPSEC PKI select Save As.., then on the new SMS create a new Root|Subordinate and clicking on "Get", pointing to the file saved in the previous step.

Though when it comes to the actual certificate (using the Root and Subordinate created above), there isn't a similar approach. Clicking on the gateway properties then IPSec VPN, you only have one choice to use the "Add" button which generates a new CSR file to sign the certificate, no import or get from a p12 file!

0 Kudos
Highlighted
Admin
Admin

Hm... yeah, you're right, there's no obvious option for this.
Let me check with the experts here.
0 Kudos