Export and Import CA-Signed Certificate for SSL-Offload with HA

Product Discussions System
, , ,
1 
We have a pair of AXs in HA for an SSL Web application, CA-Signed Certificate will be used on AX for SSL-offload. 

---------------------------------------------------------------------------------------------------

From ADC Config guide:

After the CSR is generated, send the CSR to the CA. After you receive the
signed certificate from the CA, use the import command to import the CA
onto the AX device. The key does not need to be imported. The key is generated
along with the CSR.

---------------------------------------------------------------------------------------------------

We can simply generate the CSR on AX01 and import the signed cert into the device.
But how about another AX device?
According to config guide we need to import the CA-signed cert to AX02 because the CSR is not generate by AX02. But where can we export the key from AX01?

2

On page 264 of the 2.6.1 SLB ADC config guide has very detailed steps to export CSR, cert, and keys.

3

In the documentation in A10_Thunder_AX_271-P2_SLB_ADC-2013.08.05 it was explained on page 878 and 879.

USING THE GUI 1. Select Config Mode > SLB > Service > SSL Management, if not already selected. 2. On the menu bar, select Certificate. 3. To export a certificate: a. Select the certificate. (Click the checkbox next to the certificate name.) b. Click Export.

USING THE CLI To export a certificate and its key, use the following commands at the Privileged EXEC or global Config level of the CLI: export ssl-cert file-name url export ssl-key file-name url