Importing the TLS certificate from file
Before importing TLS certificates via the web interface of Kaspersky Secure Mail Gateway, you have to prepare them for import.
You can prepare certificates of the following types for import:
- Self-signed TLS certificate.
- CA-signed TLS certificate (hereinafter also referred to as a "CA certificate").
Self-signed certificates are normally used to test and debug SSL and TLS encryption of connections. You are advised to use certificates signed by a certification authority (CA certificates) on public servers.
To import a TLS certificate from file:
- In the main window of the application web interface, open the management console tree and select the Encryption Keys section and TLS subsection.
- Click the Import from file button in the upper part of the workspace.
- In the TLS certificate name field, enter the name that you want to assign to the TLS certificate being imported.
- Click the Browse button to the right of the Choose TLS certificate file field.
The file selection window opens in the browser that you use.
- Choose the file of the TLS certificate that you want to import and click the Open button in your browser.
The certificate file (Preparing a self-signed TLS certificate for import, Preparing to import a CA-signed TLS certificate) must contain the TLS certificate and a private TLS key with the PEM extension. The private key must not be encrypted or password-protected.
The file selection window closes.
- Click the OK button.
The TLS certificate appears in the list of TLS certificates in the workspace of the main window of the application web interface.