How to Renew the Appliance Key with no internet access

book

Article ID: 222712

calendar_today

Updated On:

Products

ProxySG Software - SGOS

Issue/Introduction

If the box is not connected to the internet i.e. closed network then it won't be possible to renew the appliance key using the solution outlined in:

https://knowledge.broadcom.com/external/article?articleId=168179

 

 

 

 

Environment

Closed network

Resolution

Via management console:

- Select the Configuration > SSL > Appliance Certificates > Create CSR

Copy the certificate signing request and visit https://abrca.bluecoat.com/sign-manual/index.html
Follow the instructions there to obtain an appliance certificate. See print screen below. 


- Once you have clicked on "Generate Certificate" it will create the signed certificate:

- It is not currently possible to import the signed certificate into the appliance-key keyring in the gui.
The import button is greyed out:






You can however import the signed certificate into the appliance-key keyring using the cli.
In order to do this you need to ssh or serial to the ProxySG and then login.

Then go into conf t mode and then ssl

ProxySG#(config ssl)
inline certificate appliance-key eof

 the signed certificate

eof





Attachments