Importing an existing certificate and key pair - PingIntelligence for APIs

Importing an existing certificate and key pair - PingIntelligence for APIs - 5.2

PingIntelligence

bundle

pingintelligence-52

ft:publication_title

PingIntelligence

Product_Version_ce

PingIntelligence for APIs 5.2 (Latest)

category

APISecurity

AdvancedAPICybersecurity

Capability

Environment

Product

apisecurity

capability

linux

pi-52

pingintelligence

private

ContentType_ce

The following diagram shows an overview of the steps for importing an existing certificate and key pair.

Flowchart for importing an existing certificate and key pair.

To import an existing certificate and key pair:

Convert the key to a .key file:

openssl rsa -in private.pem -out private.key

Convert the SSL certificate to a .crt file:

openssl x509 -in server-cert.pem -out server-cert.crt

Import the cluster key into the key store using the following CLI command.

import_key_pair {key_path} [--yes | -y]
import key pair for cluster server
--yes | -y : import key pair without confirmation prompt

Import the certificate into the key store using following CLI command:

import_cert {cert_path} [--yes | -y]
import CA signed certificate for cluster server
--yes | -y : import CA signed certificate without confirmation prompt

Restart the API Security Enforcer (ASE) cluster for synchronizing the key and the certificate.

For more information on restarting the ASE cluster, see Restarting an ASE cluster.