Entrust Certificate Services Support Knowledge Base
Last Modified: 2015-11-27 06:21:43.0
TN 9009 - SSL/TLS Certificate Installation Instructions - Cisco IronPort
Before you begin
- Important: To follow best practice it is recommended that you back-up your current Ironport Configuration, this can be done through the “System Administration” menu.
- Never share private keys.
- If you plan on using the same certificate on multiple servers always transfer the private key using a secure method (e-mail is not considered a secure method of transfer).
- It is best practice to ensure that you have current and up to date Ciphers and Protocols to ensure the best security when deploying a new Private key and Server Certificate.
- Make sure you run the SSL Server Test at the end of the installation process to check your certificate configuration against SSL/TLS Best Practices. (Please Note that the server test is only for public facing sites and services)
Installing your Entrust SSL/TLS Certificate on Cisco IronPortClick the Download button in the pickup wizard to download your certificate files. Clicking the download button will produce a file named ChainBundle1.crt and ServerCertificate.crt. This file includes your signed SSL/TLS certificate and the combined certificate chain.
1. Navigate to Network > Certificates and Select the certificate you wish to import.
2. You will see an option to “Choose File”. Click on this option and choose “Upload Signed Certificate” to install the ServerCertificate.crt onto the Cisco IronPort.
3. Before saving these changes, you must upload the ChainBundle1.crt file. To do this, expand the “Intermediate Certificate (Optional)” browser and add the ChainBundle1.crt file section and click “Submit”.