How to Upload a PFX or P12 Certificate in Access Manager 1.2

For secure, trusted access you must install an SSL server certificate on the Nervepoint Access Manager server. Access Manager only reads certificate files in the PEM format, this article shows you how to convert a PK12 or PFX file to PEM format before uploading key and certificate to your Nervepoint Access Manager server.

The steps are as follows:

  1. Convert PFX or P12 certificate and key files to PEM format

  2. From Access Manager upload any intermediate certificate files

  3. Upload the new PEM formatted key into the Access Manager VM

  4. Upload the associated new PEM formatted certificate into the Access Manager VM

  5. Synch the certificate over to Access Manager server

Prerequisites:

Step 1: Convert to PEM Format

NOTE: If you have requested and installed a certificate onto a Windows server using the Internet Information Service (IIS) certificate wizard, you can export that certificate with its private key to a Personal Information Exchange (PFX) file.

  1. Download and install the Win32 OpenSSL (Win32 OpenSSL v0.9.8i) package from http://www.slproweb.com/products/Win32OpenSSL.html

  2. Open a command prompt and change into the OpenSSL\bin directory:

    cd \homedrive\OpenSSL\bin
  3. Type the following command to extract the key file out into a PEM file (all on one line):

    openssl pkcs12 -in yourcert.pfx -out newkey.pem -nocerts

    If prompted for the import password, enter the password you used when exporting the certificate to a PFX file. If prompted do not set a password on the new file.

  4. Type the following command to extract the cert file out into a PEM file (all on one line):

    openssl pkcs12 -in yourcert.pfx -out newcert.pem -nokeys

    If prompted for the import password, enter the password you used when exporting the certificate to a PFX file. If prompted do not set a password on the new file.

  5. Now it is time to upload the new PEM files


Step 2: Upload the Certificate and Key Files

  1. Log into Access Manager and go to Configuration > SSL and expand the “Upload Keys and Certificates” section

  2. Select the Private Key and Trusted Certificate option

  3. Add the certificate and key that were exported from the PFX file and enter the Passphrase if one exists for the certificate and keyNewCerts10.png

  4. Click Upload button

  5. The certificate and key should be uploaded to Access Manager successfully

NewCerts11.png

 

To complete the integration the service must now be restarted. This can be done from the “Power” button in the footer or through the VM Console.

 

Once the system has restarted go to the Access Manager main page and open the certificate information, the certificate information should now match that of the certificate that was uploaded, and assuming you are connecting to the same address that the certificate is valid for it should also be Trusted

 



 

 

 

Have more questions? Submit a request

Comments

Powered by Zendesk