Import the PFX certificate, generating the key file.
- Log in to the NetScaler’s GUI.
- On the Configuration tab, navigate to Traffic Management > SSL.
- Click Import PKCS#12.
- In the “Output File Name” field, give the certificate a file name as it will be know by the NetScaler with a .key suffix.
- In the “PKCS12” field, point to the pfx certificate. (File can be on your desktop’s file system – no need to upload first).
- Enter the password you used when exporting the certificate from Windows.
- Select DES3.
- Enter a “PEM Passphrase” to protect the key on the NetScaler. (Not the same as the import password).
- Click OK.
Install the certificate
- On the Configuration tab, navigate to Traffic Management > SSL > Certificate.
- Click Install.
- In “Certificate-key Pair Name” field, give the certificate a name. This is how it will be referenced by the NetScaler functions, so make sure it’s easily identifiable.
- In the “Certificate File Name” field, point to the .cer file exported (without the private key), choosing “local” and navigating your Windows machine.
- In the “Key File Name” field, point to the key file created on the appliance (in the Import PFX section).
- Select “PEM”.
- Enter the passphrase password (set in the Import PFX section).
- Optionally set the expiry notification.
Your certificate now looks like this:
Don’t forget to link it to your CA root certificate. (Action > Link).
Previous: Part 1: Generate SAN certificate using AD CA