Uploading a Client CA Certificate

Scenario

You need to upload a client CA certificate only when Client Authentication Mode is set to Certificate authentication.

Procedure

1. Log in to the management console.
2. Click in the upper left corner and select the desired region and project.
3. Click in the upper left corner, and choose Networking > Virtual Private Network.
4. In the navigation pane on the left, choose Virtual Private Network > Enterprise – VPN Gateways.
5. Click the P2C VPN Gateways tab. In the P2C VPN gateway list, locate the target P2C VPN gateway, and click Configure Server or View Server in the Operation column.
6. On the Server tab page, choose Certificate authentication from the Client Authentication Mode drop-down list box, and click Upload CA Certificate.
7. Set parameters as prompted.

   Table 1 Parameters for uploading a CA certificate

   Parameter	Description	Example Value
   Name	This parameter can be modified.	ca-cert-server
   Content	Use a text editor (such as Notepad++) to open the signature certificate file in PEM format, and copy the certificate content to this text box. NOTE: It is recommended to use a certificate with a strong cryptographic algorithm, such as RSA-3072 or RSA-4096. Certificates using the RSA-2048 encryption algorithm have risks. Exercise caution when using such certificates.	-----BEGIN CERTIFICATE----- MIIDoTCCAomgAwIBAgIUZAxA/2WlDFidbH9QfedbwYHrmQQwDQYJKoZIhvcNAQEL BQAwYDELMAkGA1UEBhMCQ04xCzAJBgNVBAgMAkJKMQswCQYDVQQHDAJCSjEPMA0G -----END CERTIFICATE-----

8. Click OK.
   

   A maximum of 10 client CA certificates can be added.