Adding a UI Certificate will allow for a secure connection to be confirmed when managing the SSL Visibility Appliance.

This is relevant to all hardware and software versions of the SSL Visibility Appliance.

In order to add a Certificate/Key to the SSLv several steps need to be taken.  In order to do this a key is required with your certificate.  To do this you may utilize openSSL via Linux or Windows.  An application called XCA can also be utilized which is basically provides a GUI or wrapper for openSSL for ease of use.

Utilizing XCA you would first create a private key.  This will be utilized when uploading the certificate to the SSLv.  After creating a private key, then create a certificate.  The goal is to create a certificate to provide to your PKI team to get signed by the CA.  You are creating a CSR certificate, a certificate signing request.

After your key is created, then you may create your certificate.  After creating the certificate it can then be provided to the CA for signing.  

Once you receive the certificate back you may upload it to the SSLv along with the key that was created in the beginning of the exercise.

Here are step by step directions to to these tasks:

Using XCA utilize the following setps:

1.  Create a new database.  File -> New Database.
2.  Create a new Private Key under the Private key tab.
3.  Go to the Certificate signing request tab and create new request.
4.  Provide a reference name and a password on the Source tab.
5.  Provide the proper information in the Subject tab.
6.  On the Extensions tab add in Subject Alternative Names or any other options you need.
7.  Additional tabs can be left as default.
8.  When you create the CSR it will utilize the private key your created in step 2.
9.  Provide the CSR to your PKI team to get it signed.
10.  When you receive the signed certificate back from our PKI team install in on the SSLv.
11.  On the SSLv click on the hostname and go to Import UI Certificate/key.
12.  Upload the certificate and key utilizing a password to the SSLv.
13.  You should now be able to log in securely to the SSLv.

The following link can be used to download XCA.

https://hohnstaedt.de/xca