Importing a Certificate Signing Request (CSR) from a Commercial Certificate Authority (CA)

After you create your CSR and send it to a CA, you will receive an e-mail with a CSR Response. In order to import this CSR Response into the appliance there are three main things you need to do:

• Get the CA's root certificate
• Append the CA's root certificate to the CSR response
• Import the CSR response with the CA's root certificate into the appliance

Note: The certificate type needed is an Apache certificate. Apache/modSSL is not correct.  

In this example there is no intermediate certificate chain, so we only have to add the CA's root certificate to the CSR Response. 

This is an example of a CSR response. It is also referred to as a "cert blob":

Base-64 encoded X.509(.CER).

• Click Next.
• Save this file locally.

Now you have the CA's root certificate. We can then append it to the CSR Response received from the CA.

Appending the CA's root certificate to the CSR response:

1. Open the CA's root certificate you just saved in a text editor and copy it to the Clipboard.
2. Open the CSR response saved earlier (yourcsr.cer).
3. Paste the CA's root certificate at the very bottom. It should look something like the example below.
4. Save this CSR response as csrwithroot.cer and then import it to the Aventail appliance.

CA's root certificate and CSR response example:




Importing the CSR response with the CA's root certificate into the appliance:

 

1. Log in to AMC.
2. Click SSL Settings in the main AMC navigation menu.
3. Click Process CSR Response.)
4. Browse to the CSR Response just created (csrwithroot.cer).
5. Click Save.
6. Apply the Pending Changes.