Disabling TPM (Trusted Platform Module) certificate protection during installation on the firewall

SNS firewalls offer protection of certificates with TPM.

Whenever you install an identity (.p12 format) on an SNS firewall from the SMC server, private key protection via TPM is enabled by default. The private key is protected by a password stored on the TPM.

In SMC, TPM-protected keys can only be used in IPsec VPN topologies with IKEv2 encryption profiles.

To create VPN topologies with IKEv1 encryption profiles, disable this protection using the environment variable SMC_FW_TPM_ENABLED.