Import and convert SSL files 编辑

You can now import SSL resources, such as certificates, private keys, CRLs, and DH keys, from remote hosts even if FTP access to these hosts is not available. This feature is especially helpful in environments where shell access to the remote host is restricted. Default folders are created in /nsconfig/ssl as follows:

• For certificate files: /nsconfig/ssl/certfile
• For private keys: the /nsconfig/ssl/keyfile
• For CRLs: /var/netscaler/ssl/crlfile
• For DH keys: /nsconfig/ssl/dhfile

Imports from both HTTP and HTTPS servers are supported. However, the import fails if the file is on an HTTPS server that requires client certificate authentication for access.

Note:

The import command is not stored in the configuration (ns.conf) file, because reimporting the file after a restart might cause an error.

Import a certificate file

You can use the CLI and GUI to import a file (resource) from a remote host.

Import a certificate file from a remote host by using the CLI

At the command prompt, type:

import ssl certFile [<name>] [<src>]
<!--NeedCopy-->