Export and Import CA-Signed Certificate for SSL-Offload with HA

linus

We have a pair of AXs in HA for an SSL Web application, CA-Signed Certificate will be used on AX for SSL-offload.

---------------------------------------------------------------------------------------------------
From ADC Config guide:

After the CSR is generated, send the CSR to the CA. After you receive the
signed certificate from the CA, use the import command to import the CA
onto the AX device. The key does not need to be imported. The key is generated
along with the CSR.

---------------------------------------------------------------------------------------------------
We can simply generate the CSR on AX01 and import the signed cert into the device.
But how about another AX device?
According to config guide we need to import the CA-signed cert to AX02 because the CSR is not generate by AX02. But where can we export the key from AX01?

[Deleted User]

On page 264 of the 2.6.1 SLB ADC config guide has very detailed steps to export CSR, cert, and keys.

hkohn72

In the documentation in A10_Thunder_AX_271-P2_SLB_ADC-2013.08.05 it was explained on page 878 and 879.

USING THE GUI
1. Select Config Mode > SLB > Service > SSL Management, if not
already selected.
2. On the menu bar, select Certificate.
3. To export a certificate:
a. Select the certificate. (Click the checkbox next to the certificate
name.)
b. Click Export.


USING THE CLI
To export a certificate and its key, use the following commands at the Privileged
EXEC or global Config level of the CLI:
export ssl-cert file-name url
export ssl-key file-name url