Help Center> Virtual Private Network> User Guide> Enterprise Edition VPN Gateway Management> Uploading Certificates for a VPN Gateway
Updated on 2024-03-22 GMT+08:00
View PDF

Uploading Certificates for a VPN Gateway

Scenario

When creating a VPN gateway of the GM specification, you need to upload certificates for it to establish VPN connections with a customer gateway. In addition, configure the alarm function on the Cloud Eye console for such a VPN gateway. For details, see Creating an Alarm Rule to Monitor an Event.

Procedure

  1. Log in to the management console.
  2. Click in the upper left corner and select the desired region and project.
  3. On the homepage, choose Networking > Virtual Private Network.
  4. In the navigation pane on the left, choose Virtual Private Network > Enterprise – VPN Gateways.
  5. On the VPN Gateways page, locate a VPN gateway of the GM specification, and choose More > View/Upload Certificate in the Operation column.
  6. Click Upload Certificate and set parameters as prompted.
    Table 1 describes the parameters for uploading certificates for a VPN gateway.
    Table 1 Parameters for uploading certificates for a VPN gateway

    Parameter

    Description

    Example Value

    Certificate Name

    User-defined name.

    certificate-001

    Signature Certificate

    Certificate used for signature authentication to ensure data validity and non-repudiation.

    Open the PEM signature certificate file (with the extension .pem) as a text file, and copy the content in the file to this text box.

    Enter both a signature certificate and its issuing CA certificate.

    -----BEGIN CERTIFICATE-----

    Signature certificate

    -----END CERTIFICATE-----

    -----BEGIN CERTIFICATE-----

    CA certificate

    -----END CERTIFICATE-----

    Signature Private Key

    Private key used to decrypt the data that is encrypted by a signature certificate.

    Open the signature private key file (with the extension .key) as a text file, and copy the private key to this text box.

    -----BEGIN EC PRIVATE KEY-----

    Signature private key

    -----END EC PRIVATE KEY-----

    Encryption Certificate

    Certificate used to encrypt data transmitted over VPN connections to ensure data confidentiality and integrity. The CA that issues the encryption certificate must be the same as the CA that issues the signature certificate.

    Open the PEM encryption certificate file (with the extension .pem) as a text file, and copy the content in the file to this text box.

    -----BEGIN CERTIFICATE-----

    Encryption certificate

    -----END CERTIFICATE-----

    Encryption Private Key

    Private key used to decrypt the data that is encrypted by an encryption certificate.

    Open the encryption private key file (with the extension .key) as a text file, and copy the private key to this text box.

    -----BEGIN EC PRIVATE KEY-----

    Encryption private key

    -----END EC PRIVATE KEY-----