Updated on 2024-12-04 GMT+08:00

Uploading a Client CA Certificate

Scenario

You need to upload a client CA certificate only when Client Authentication Mode is set to Certificate authentication.

Procedure

  1. Log in to the management console.
  2. Click in the upper left corner and select the desired region and project.
  3. Click in the upper left corner of the page, and choose Networking > Virtual Private Network.
  4. In the navigation pane on the left, choose Virtual Private Network > Enterprise – VPN Gateways.
  5. Click the P2C VPN Gateways tab. In the P2C VPN gateway list, locate the target P2C VPN gateway, and click Configure Server or View Server in the Operation column.
  6. On the Server tab page, choose Certificate authentication from the Client Authentication Mode drop-down list box, and click Upload Client CA Certificate.
  7. Set parameters as prompted.

    Table 1 Parameters for uploading a CA certificate

    Parameter

    Description

    Example Value

    Name

    This parameter can be modified.

    ca-cert-server

    Content

    Use a text editor (such as Notepad++) to open the signature certificate file in PEM format, and copy the certificate content to this text box.

    NOTE:
    • It is recommended to use a certificate with a strong cryptographic algorithm, such as RSA-3072 or RSA-4096.
    • Certificates using the RSA-2048 encryption algorithm have risks. Exercise caution when using such certificates.

    -----BEGIN CERTIFICATE-----

    MIIDoTCCAomgAwIBAgIUZAxA/2WlDFidbH9QfedbwYHrmQQwDQYJKoZIhvcNAQEL

    BQAwYDELMAkGA1UEBhMCQ04xCzAJBgNVBAgMAkJKMQswCQYDVQQHDAJCSjEPMA0G

    -----END CERTIFICATE-----

  8. Click OK.

    A maximum of 10 client CA certificates can be added.