After you receive the signed certificate and the CA chain, you must import it. CA can return the certificate in multiple ways. Typically, the CA returns one or more files each containing one certificate, or returns a file with multiple certificates in it.
The following figure illustrates a certificate chain example.
Figure 15-1 Illustration of a Certificate Chain Example
To import this certificate chain:
Click Security > Certificates, then click the name of a certificate that is in a CSR Pending state.
Click Import Signed Certificate.
In Import Signed Certificate, browse to locate the Entity certificate data file or paste the Entity certificate data text into Certificate data text.
To import the CA chain, click Add trusted root and then locate the Root certificate data.
Click Add intermediate certificate if you need to continue adding certificates to the chain. For example, add Intermediate cert 1 and cert 2 in that order.
Click OK > Close.
The certificate is now available for use by Access Manager devices.
NOTE:When there is a server certificate and more than two intermediate CA certificates, use PKCS7 format file and import the certificate and its CA chain.
If you receive an error while importing the certificate, see Troubleshooting Certificate Issues.