Versions Compared

Old Version 1

changes.mady.by.user Christina Loher (Deactivated)

Saved on

compared with

New Version Current

changes.mady.by.user Emese Pogany

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Menu path: UMS Administration > Global Configuration > Certificate Management > Cloud Gateway

Overview

Here, you can manage the certificates for the communication between the IGEL Cloud Gateway (ICG) and the endpoint devices.

...

Menu path: UMS Administration > Global Configuration > Certificate Management > Cloud Gateway

For details of how to set up all components for a connection to the ICG, read Installation Guide.

Use

see IGEL Cloud Gateway > ICG Manual > IGEL Cloud Gateway Installation and Setup.

Use

  • IGEL Cloud Gateway > ICG Manual > Administration > How to Exchange the Root Certificate for ICG

  • IGEL Cloud Gateway > ICG Manual > Administration > Renewing a Signed Certificate for the ICG

  • Exchanging the Root Certificate for ICG

Possible Actions


Include PageENLITEUMSP:_Create root certificateENLITEUMSP:_Create root certificate Create image-20240617-135818.pngImage Added - Create a root certificate. Include PageENLITEUMSP:_Import root certificateENLITEUMSP:_Import root certificate

image-20240617-135835.pngImage Added - Import a root CA certificate.

Include PageENLITEUMSP:_Create signed certificateENLITEUMSP:_Create signed certificate Create image-20240617-135852.pngImage Added - Create a signed certificate from the CA certificate (root or intermediate) that is currently selected. Include PageENLITEUMSP:_Remove certificateENLITEUMSP:_Remove certificate

 Remove image-20240617-135906.pngImage Added - Remove the selected certificate from the UMS. Only certificates that are not currently in use can be removed.

Include PageENLITEUMSP:_Export certificate chain to ICGENLITEUMSP:_Export certificate chain to ICGimage-20240617-135933.pngImage Added - Export the selected end certificate and its complete certificate chain to a keystore in the IGEL Cloud Gateway keystore format. Include PageENLITEUMSP:_Show certificate contentENLITEUMSP:_Show certificate content

image-20240617-135940.pngImage Added - Show the content of the selected certificate. 

Include PageENLITEUMSP:_Navigate to ICGENLITEUMSP:_Navigate to ICGimage-20240617-135945.pngImage Added - Navigate to an IGEL Cloud Gateway that is using the selected certificate.

Generate root certificate

Display name: Name in the root certificate (common name, CN).

...

Valid until: Local date on which the certificate expires. (Default: in 20 years)

Import root certificate

The file selection window opens, allowing you to select the certificate file.

Create a signed certificate

Display name: Name in the certificate (common name, CN).

Your first and last name: Name of the certificate holder.

Your organization: Organization, company, government agency.

Your locality (or random identifier): The location of the organization.

Warning

The name in a signed certificate must be different from the one in the root certificate with which it is signed. UMS provides a warning in this case: Invalid CertificateImage Removed

Invalid CertificateImage Added


Your two-letter country code: ISO 3166 country code, e.g. DE for Germany.

...

Certificate type
Possible options:

  • CA Certificate: The certificate can be used to sign other certificates, but it cannot be used by the ICG.

  • End Entity: The certificate can be used by the ICG, but it cannot be used to sign other certificates.

Context menu (root certificate)

Create signed certificate: Collects certificate data and signs them with the selected root certificate.

Import signed certificate: Imports a certificate that was already signed outside the UMS by the imported CA.

Import decrypted private key: Imports a private key file.

Info

If the private key is protected with a passphrase, you must decrypt it on the command line with OpenSSL before importing it: openssl rsa -in encrypted.key -out decrypted.key


Remove certificate: Deletes the certificate from the UMS.

...