- Products
- Network Security
Next Generation FirewallNext-generation firewall for SMB, Enterprise, and Government
Security ServicesComprehensive security for your network security solution
Network Security ManagerModern Security Management for today’s security landscape
- Advanced Threat Protection
Capture ATPMulti-engine advanced threat detection
Capture Security applianceAdvanced Threat Protection for modern threat landscape
- Access Security
Cloud Edge Secure AccessDeploy Zero-Trust Security in minutes
Secure Mobile AccessRemote, best-in-class, secure access
Wireless Access PointsEasy to manage, fast and secure Wi-FI
SwitchesHigh-speed network switching for business connectivity
- Email Security
Email SecurityProtect against today’s advanced email threats
- Cloud Security
Cloud App SecurityVisibility and security for Cloud Apps
Cloud Firewall (NSv)Next-generation firewall capabilities in the cloud
- Endpoint Security
Capture ClientStop advanced threats and rollback the damage caused by malware
Content Filtering ClientControl access to unwanted and unsecure web content
- Product Widgets
- Product Menu Right Image
-
- Network Security
- Solutions
- Solutions Widgets
- Solutions Image Widgets
-
- Solutions Widgets
- Partners
- Partner Widgets
- Partners Image Widgets
-
- Partner Widgets
- Support
- Support Widget
- Support Image Widgets
-
- Support Widget
- Products
- Network Security
- Next Generation FirewallNext-generation firewall for SMB, Enterprise, and Government
- Security ServicesComprehensive security for your network security solution
- Network Security ManagerModern Security Management for today’s security landscape
- Advanced Threat Protection
- Capture ATPMulti-engine advanced threat detection
- Capture Security applianceAdvanced Threat Protection for modern threat landscape
- Access Security
- Cloud Edge Secure AccessDeploy Zero-Trust Security in minutes
- Secure Mobile AccessRemote, best-in-class, secure access
- Wireless Access PointsEasy to manage, fast and secure Wi-FI
- SwitchesHigh-speed network switching for business connectivity
- Email Security
- Email SecurityProtect against today’s advanced email threats
- Cloud Security
- Cloud App SecurityVisibility and security for Cloud Apps
- Cloud Firewall (NSv)Next-generation firewall capabilities in the cloud
- Endpoint Security
- Capture ClientStop advanced threats and rollback the damage caused by malware
- Content Filtering ClientControl access to unwanted and unsecure web content
- Product Widgets
- Product Menu Right Image
-
- Network Security
- Solutions
- Solutions Widgets
- Solutions Image Widgets
-
- Solutions Widgets
- Partners
- Partner Widgets
- Partners Image Widgets
-
- Partner Widgets
- Support
- Support Widget
- Support Image Widgets
-
- Support Widget
How to install SMB SSL-VPN certificates in SonicWall UTM appliances.
03/26/2020 
81 People found this article helpful
100,236 Views
Description
This article describes how to export a signed third-party certificate from an SMB SSL-VPN appliance and import it into a SonicWall UTM appliance.
Resolution
Prerequisite:
- A signed certificate installed in the SMB SSL-VPN appliance. Refer to this document for more information on installing a certificate in a SMB SSL-VPN device: SMB SSL-VPN: Creating and Installing Digital Certificates on SonicWall SSL VPN Appliances
- OpenSSL installed. The commands shown in this article to convert the certificate are using OpenSSL.
Procedure:
- Login to the SMB SSL-VPN device
- Navigate to the System > Certificates page.
- Click on the down-arrow button under Download and save the zip file.
- The zip file will contain both the signed certificate and its private key.
- Extract the contents of zip file.
- It will contain "server.crt" and "server.key"
In OpenSSL enter the following commands to convert the certificate and the key to a PKCS12 (.p12 or .pfx) encoded certificate :
If a password was defined when importing the signed certificate into the SMB SSL-VPN appliance, you may remove it using the following command:
>>openssl rsa -in server.key -out server.key
You will be prompted for a password. Enter the password and press the enter key.
To convert the certificate and the private key to PKCS12 format (.pfx, .p12), enter the following command:
>>openssl pkcs12 -export -out server.pfx -inkey server.key -in server.crt <press enter>
When prompted for a password, enter a new password. This will be the management password for the certificate.
A new file named "server.pfx" will be created.
- Login to the SonicWall management GUI.
- Navigate to the System > Certificates page.
- Click on the Import button.
- Select the radio-button under Import a local end-user certificate with private key from a PKCS#12 (.p12 or .pfx) encoded file.
- Enter a name for the certificate.
- Enter the password for the certificate, if any.
- Click on the Browse button and select "server.pfx".
- Click on the Import button. The certificate will be imported with Pending under Validated
- Import the CA certificate to validate the certificate.
Your certificate has been installed in the SonicWall. It could be used for SonicWall web management and UTM-SSL VPN. It is recommended that you import the root and intermediate certificates into your browser to avoid browser errors.
Related Articles
- Analyzing TCP reset(RST)packets
- ‘Error sending one-time password’ encountered when connecting to NetExtender
- Supported SonicWall and 3rd party SFP and SFP+ modules that can be used with SonicWall NSsp series
Categories
- Firewalls > TZ Series
- Firewalls > SonicWall SuperMassive E10000 Series
- Firewalls > SonicWall SuperMassive 9000 Series
- Firewalls > SonicWall NSA Series
YES
NO