Importing an existing certificate and key pair
About this task
The following diagram shows an overview of the steps for importing an existing certificate and key pair.
To import an existing certificate and key pair:
Steps
-
Convert the key to a
.key
file:openssl rsa -in private.pem -out private.key
-
Convert the SSL certificate to a
.crt
file:openssl x509 -in server-cert.pem -out server-cert.crt
-
Import the cluster key into the key store using the following CLI command.
import_key_pair {key_path} [--yes | -y] import key pair for cluster server --yes | -y : import key pair without confirmation prompt
-
Import the certificate into the key store using following CLI command:
import_cert {cert_path} [--yes | -y] import CA signed certificate for cluster server --yes | -y : import CA signed certificate without confirmation prompt
-
Restart the API Security Enforcer (ASE) cluster for synchronizing the key and the certificate.
For more information on restarting the ASE cluster, see Restarting an ASE cluster.