Updated on 2024-12-20 GMT+08:00

Uploading Certificates for a VPN Gateway

Scenario

When creating a VPN gateway of the GM specification, you need to upload certificates for it to establish VPN connections with a customer gateway. In addition, configure the alarm function on the Cloud Eye console for such a VPN gateway. For details, see the Cloud Eye User Guide.

Procedure

  1. Log in to the management console.
  2. Click in the upper left corner and select the desired region and project.
  3. Click in the upper left corner of the page, and choose Networking > Virtual Private Network.
  4. In the navigation pane on the left, choose Virtual Private Network > Enterprise – VPN Gateways.
  5. Locate a VPN gateway of the GM specification, and choose More > View/Upload Certificate in the Operation column.
  6. Click Upload Certificate and set parameters as prompted.
    Table 1 describes the parameters for uploading certificates for a VPN gateway.
    Table 1 Parameters for uploading certificates for a VPN gateway

    Parameter

    Description

    Example Value

    Certificate Name

    User-defined name.

    certificate-001

    Signature Certificate

    Certificate used for signature authentication to ensure data validity and non-repudiation.

    Use a text editor (such as Notepad++) to open the signature certificate file in PEM format, and copy the certificate content to this text box.

    Enter both a signature certificate and its issuing CA certificate.

    -----BEGIN CERTIFICATE-----

    Signature certificate

    -----END CERTIFICATE-----

    -----BEGIN CERTIFICATE-----

    CA certificate

    -----END CERTIFICATE-----

    Signature Private Key

    Private key used to decrypt the data that is encrypted by a signature certificate.

    Use a text editor (such as Notepad++) to open the signature private key file in KEY format, and copy the private key to this text box.

    -----BEGIN EC PRIVATE KEY-----

    Signature private key

    -----END EC PRIVATE KEY-----

    Encryption Certificate

    Certificate used to encrypt data transmitted over VPN connections to ensure data confidentiality and integrity. The CA that issues the encryption certificate must be the same as the CA that issues the signature certificate.

    Use a text editor (such as Notepad++) to open the encryption certificate file in PEM format, and copy the certificate content to this text box.

    -----BEGIN CERTIFICATE-----

    Encryption certificate

    -----END CERTIFICATE-----

    Encryption Private Key

    Private key used to decrypt the data that is encrypted by an encryption certificate.

    Use a text editor (such as Notepad++) to open the encryption private key file in KEY format, and copy the private key to this text box.

    -----BEGIN EC PRIVATE KEY-----

    Encryption private key

    -----END EC PRIVATE KEY-----