Request a server certificate from a certificate authority. When you create the request, which is known as a certificate signing request (CSR), specify the name of the key pair from the previous step.
In response to your CSR, a certificate authority will either send a single server certificate or a chain of certificates that is made up of a server certificate and one or more CA certificates.
The server certificate attests to the identify of your organization. A CA certificate attests to the identity of a certificate authority.
If a certificate authority sends a chain, the server certificate is signed by an intermediate CA certificate. The intermediate CA certificate is signed by either another intermediate CA certificate or the root CA certificate. The root certificate is the last certificate in the chain. The certificate authority might or might not include the root certificate in the chain it returns. VM:Webgateway does not require the root certificate.
The root certificate is the certificate that web browsers need to validate your server certificate and the rest of the intermediate CA certificates in the chain. Most web browsers come bundled with root certificates of well known certificate authorities.
When the certificate authority sends the server certificate or the chain of certificates, load all the certificates into VM:Webgateway.
If you tested SSL on your VM:Webgateway production SVM and are using the same key pair as you did when testing SSL, the server certificate from the certificate authority will be named the same as the self-signed certificate. In this case, replace the self-signed certificate with the certificate from the certificate authority.
