Uploading a Certificate

You can use this option to upload certificates generated in a Nodegrid device or certificates generated outside Nodegrid device.

To upload a signed certificate to the Nodegrid device: 

1. Go to Security :: Certificates.

2. Click Upload Certificate.

3. When you upload a certificate to use for IPsec, select the User SSL Certificate Trust Attribute field.

   1. Trusted Peer (P): Select this field if the Nodegrid device can act as a trusted peer and be used in the authentication phase in an IPsec network.

   2. In the case of self-signed certificates, where there's no external CA involved, these attributes are used to establish trust within the IPsec network. 

      1. Trusted CA to issue client certificates (T): This attribute ensures that the self-signed CA certificate is trusted to issue client certificates. Select the field to allow the IPsec to be validated against this CA certificate to prove their identity and securely gain access to the IPsec network.

      2. Trusted CA to issue server certificates (C): This attribute ensures that the self-signed CA certificate is trusted to issue server certificates. Select the field to allow the IPsec servers to validate against this CA certificate to prove their identity and securely gain access to the IPsec.

4.  Certificate Location: This section allows you to upload the certificate using either of the following options: 

   1. Local Computer: Select this option if the certificate is available on your system locally.

      

   2. Remote Server: Select this option if the certificate is available on the remote server. Enter the URL, Username, and Password to connect to the remote server.
      

      

   3. The path in the URL to be used as the absolute path name:  The path on the remote server is an absolute path instead of a relative path. Absolute paths always start with the root directory and provide the full path to the file or directory.

   4. Local System: Uses certificate files stored on /var/sw on Nodegrid device.
      

      

   5. Text input: Paste the content of the certificate here instead of uploading a file.
      

      

      Note: If you are uploading a certificate whose CSR was not generated in Nodegrid, ensure that the private key of that certificate is included while uploading the certificate. This can be done by concatenating the private key with the certificate content or by using a PKCS12 file containing both the private key and the certificate.

      Certificate File Password: Some certificates are encrypted using a password, such as the PKCS12 (.p12) files. In this case, you must specify the password to decrypt the file.

5. Click Save.
   The certificate is successfully uploaded to the system.