Installing the root CA certificate in the trust store of the tunnel

Last Updated : Jun 23, 2026 |

Procedure

  1. Download the CA certificate chain in a PEM format from the certificate authority that issued the certificate for the ADC or reverse proxy.
  2. Copy the .pem file on the edge Branch Session Manager server.
  3. At the command prompt of the edge Branch Session Manager server, run the following command to import the .pem file:

    certTool -i <rootca>.pem -t -s tunnel

  4. Type yes when the following message is displayed:

    Trust this certificate? [no]: