Adding a server certificate

A server certificate must be installed on a web or application server, so that the server can authenticate.

In the case of websites, for example, certificates ensure that the URL and its domain name belong to the right organization.

Creating a server certificate

Click on Add and select Add a server certificate.
Enter a Fully Qualified Domain Name (FQDN) (mandatory).
The size limit of this field is 64 characters. E.g.: myserver.mycompany.com.
Enter an ID (optional).
Here, you can add a shortcut to your CN, which will be useful for command lines.
Click on Next.
Select the Certification authority (CA) that will sign the certificate.
Enter the CA password.
The attributes of the authority will be added automatically and can be found in the server certificate.
Click on Next.
Where necessary, change the duration of the certificate's Validity (days).
The recommended value is 365 days (suggested by default).
The Key size (bits) of the certificate can also be changed.
Even though large keys are more effective, you are advised against using them with entry-level appliances as this will mean the key will take a long time to be generated.
Click on Next.
You will be shown a summary of the information you entered.
Click on Finish.

The certificate will automatically be added to the tree of authorities and certificates defined on the firewall, under its parent authority.

Click once on the certificate to display its detailed information on the right side of the screen:

Information about the identity is shown in four windows:

The duration of its Validity: when its certificate was issued and when it expires,
Its recipient (Issued for),
Its Issuer: the parent authority,
Its Fingerprints: serial number of the certificate, encryption and signature algorithms used, etc.