Generating an identity certificate chain

Last Updated : Sep 17, 2019 |

About this task

If you want to use an identity certificate signed by a third-party certificate authority (CA), you must generate an identity certificate chain. An identity certificate chain must include the following certificates in order:

  1. The third-party CA-signed identity certificate.

  2. All intermediate CA certificates, if any.

  3. The root CA certificate.

Assign this certificate chain to a specific Avaya Aura® Web Gateway server interface.

Before you begin

Upload the third-party CA-signed identity certificate, root CA certificate, and all intermediate CA certificates in the PEM format to Avaya Aura® Web Gateway using a file transfer program, such as SFTP or SCP.

Procedure

  1. Log in to the Avaya Aura® Web Gateway using your SSH credentials.
  2. Navigate to the directory with the certificates.
  3. Run the cat command as follows:

    cat <Identity_ertificate_file_name> <Intermediate_CA_certificate_file_name> <Root_CA_file_name> > <Certificate_chain_file_name>

    If you have several intermediate CA certificates, list all intermediate CA certificate file names, separated by a space, and then list the root CA certificate file name.

    For example, if you have the identity certificate identity.crt, two intermediate CA certificates (intermediateCA1.crt and intermediateCA2.crt), and root CA certificate rootCA.crt, run the following command to generate a certificate chain with the identityChain.crt file name:

    cat identity.crt intermediateCA1.crt intermediateCA2.crt rootCA.crt > identityChain.crt