4.4. Certificate Management

UserGate LogAn uses the secure HTTPS protocol to manage the device with a certificate of type Web console SSL certificate.

To create a new certificate, follow these steps:

Task

Description

Step 1. Create a new certificate.

In the Certificates section, click Create.

Step 2. Fill in the relevant fields.

Provide values for these fields:

  • Name: the name under which the certificate will be displayed in the certificate list.

  • Description: a description of the certificate.

  • Country: the country where the certificate is being issued.

  • State or province name: the state or province where the certificate is being issued.

  • Locality name: the city or town where the certificate is being issued.

  • Organization name: the name of the organization to which the certificate is being issued.

  • Common name: the certificate name. To ensure compatibility with the majority of browsers, we recommend using only Latin characters.

  • E-mail: your company's email.

Step 3. Specify the purpose of the certificate.

After creating the certificate, specify its intended role in UserGate LogAn. To do that, select the relevant certificate in the certificate list, click Edit, and specify the Web console SSL certificate type. After that, UserGate LogAn will reboot the web console service and invite you to connect using the new certificate.

UserGate LogAn allows you to export certificates created there and import certificates created in other systems --- e.g., a certificate issued by a certificate authority trusted by your organization.

To export a certificate, follow these steps:

Task

Description

Step 1. Select a certificate for export.

Select the desired certificate in the certificate list.

Step 2. Export the certificate.

Select the export type:

  • Export certificate: export certificate data in the .der format without exporting the certificate's private key. Use the exported SSL inspection certificate file to set it as the local CA on user computers.

  • Export CSR: export a CSR, e.g., to be signed by a CA.

Note

It is recommended to save the certificate to be able to restore it later.

Note

For security purposes, UserGate LogAn does not allow the export of private keys for certificates.

To import a certificate, you need to have the certificate files (and, optionally, the private key for the certificate). If you have those, follow the steps below:

Task

Description

Step 1. Start the import procedure.

Click Import.

Step 2. Fill in the relevant fields.

Provide values for these fields:

  • Name: the name under which the certificate will be displayed in the certificate list.

  • Description: a description of the certificate.

  • Certificate file: upload the certificate data file.

  • Private key: upload the private key file for the certificate.

  • Passphrase: specify the private key passphrase (if required).

  • Certificate's chain: a file containing the upstream CA certificates used in the creation of this certificate. This field is optional.