How to import a .PFX certificate into TSX Gateway?

mona
2018-11-08 15:41

This manual describes the usage of external certificates (PFX format) together with TSX Gateway:

Please follow the steps listed below or download the step-by-step guide as .pdf.

Content:

1. Generate Certificate Request

2. Import request on your certificate authority

3. Export the certificate as .pfx

4. Import certificate into TSX Gateway

1. Generate Certificate Request

We start with the configuration on our TSX Gateway Server:

1.1. Open the Microsoft Management Console (mmc) as Administrator.

MMC.png

1.2. Click CTRL+M and add the certificates snap-in for your computer account.

3.png

1.3. Select your local computer and launch the console by clicking on “Finish”:

4.png

 

1.4. Now navigate to Console Root → Certificates (Local Computer) → Personal

personal.png

1.5. To create a custom request right-click Personal and select All Tasks → Advanced Operations → Create Custom Request
create_custom_request.png

1.6. Click Next until the Certificate Information dialogue appears

certification_information.png

1.7. Please change following parameters:

General

Insert Field:         Friendly name
They are used to enable a user to associate aliases with certificates so they can be easily identified

1_cp_general.png

Subject

Add Value:         Common name CN
( Host + Domain Name) DNS Name

2_cp_subject.png

Extensions -> Extended Key Usage

Add Value:         Server Authentication

3_cp_extensions.png

Private Key: Key options

Enable: Make private key exportable

4_cp_private_key.png


1.8. Export Filename: request.req
Select “Base64” as file format.

5_cp_export.png

1.9. Copy the previously created request file to your certificate authority.

 


 

2. Import request on your certificate authority

Now switch to your certificate authority in order to proceed the previously created certification request.

2.1. Open your Server Manager
server_manager.png

 

2.2 Check if the Certification Authority Tools are installed; Otherwise you need to install this role before continuing.
certification_authority_role.png

2.3. Right click on “Roles” and navigate to “Active Directory Certificate Services” -> Hostname-cs (e.g server01-CA) and select Submit new request

submit_a_new_request.png

 

2.4. Choose the request.req which was created in the first part of this guide.

open_request_file.png

2.5. Now switch to Pending requests and right click the recently imported request and select All Tasks -> Issue

issue_a_pending_request.png

2.6. Switch to “Issued Certificates” and double click the issued certificate. Switch to the “Details” tab and select “Copy to file”.

This allows you to save you issued certificate as .cer file.

copy_to_file.png

2.7 Copy file to computer where the request has been initiated.

 


 

3. Export the certificate as .pfx

3.1 Open the Microsoft Management Console (mmc) as Administrator.

MMC.png

3.2 Click CTRL+M and add the Certificates snap-in for your Computer account.

3.png

3.3 Select your “local computer” and launch the console by clicking on “Finish”

4.png

3.4 Now navigate to Console Root → Certificates (Local Computer) → Personal

1_export_certificate.png

3.5 Right click on the certificate and select “All Tasks” -> “Export”

2_export_certificate.png

3.6 Continue until the Export File Format dialogue appears. Select Personal Information Exchange and click on Next

3_export_certificate.png

3.7 Please specify a password in order to protect the private key.

4_export_certificate.png

3.8 Set the file name and finish the .pfx export

5_export_certificate.png

 


 

4. Import certificate into TSX Gateway

Now you are able to import your certificate into your TSX Gateway Server.

4.1 Open your TSX Gateway Managenent Console and click on File -> Import certificate

16-05-2013-19-46-18.png

4.2 Click OK on the warning dialogue
16-05-2013-19-46-23.png

4.3 Select the previously created *.pfx file

16-05-2013-19-46-34.png

4.4 Enter the password of the certificate

16-05-2013-19-46-49.png

4.5 The certificated is now installed.

16-05-2013-19-46-56.png

Tags: authentication, certificate, Gateway, pfx, tsx gateway