HP VPN Firewall Appliances VPN Configuration Guide
269
Figure 183 RSA key pair destruction page
Retrieving and displaying a certificate
You can retrieve an existing CA certificate or local certificate from the CA server and save it locally. To
do so, you can use offline mode or online mode.
In offline mode, you must retrieve a certificate by an out-of-band means like FTP, disk, email and then
import it to the device. By default, the retrieved certificate is saved in a file under the root directory of the
device, and the file name is domain-name_ca.cer for the CA certificate, or domain-name_local.cer for
the local certificate.
To retrieve a certificate:
1. From the navigation tree, select VPN > Certificate Management > Certificate.
2. Click Retrieve Cert.
Figure 184 PKI certificate retrieval page
3. Configure the parameters, as described in Table 28.
4. Click Apply.
Table 28 Configuration items
Item Descri
p
tion
Domain Name
Select the PKI domain for the certificate.
Certificate Type
Select the type of the certificate to be retrieved, which can be CA or local.
Enable Offline
Mode
Select this box to retrieve a certificate in offline mode (that is, by an out-of-band means
like FTP, disk, or email) and then import the certificate into the local PKI system.
Get File From
Device
Specify the path and name of the certificate file to import:
• If the certificate file is saved on the device, select Get File From Device and then specify
the path and name of the file on the device. If no file is specified, the system, by
default, gets the file domain-name_ca.cer (for the CA certificate) or
domain-name_local.cer (for the local certificate) under the root directory of the
device.
• If the certificate file is saved on a local PC, select Get File From PC and. then specify
the path and name of the file and specify the partition that saves the file..
Get File From PC