Additional ADC configuration
1) Generate a key on the HSM.
Use third party tools to create keys on the HSM.
2) Add an HSM key on the ADC.
Important!: The # character is not supported in a key name. If the key name include this character, the load key operation fails.
To add a Safenet HSM key by using the CLI:
At the command prompt, type:
add ssl hsmkey <KeyName> -hsmType SAFENET -serialNum <serial #> -password
where:
-keyName is the key created on the HSM by using third party tools.
-serialNum is the serial number of the partition on the HSM on which the keys are generated.
Note: For HSM in a high availability setup, use the serial number of the high availability group.
-password is the password of the partition on which the keys are present.
To add a Safenet HSM key by using the GUI:
Navigate to Traffic Management > SSL > HSM and add an HSM key. You must specify the HSM Type as SAFENET.
3) Add a certificate-key pair on the ADC. You must first use a third party tool to generate a certificate associated with the key. Then, copy the certificate to the /nsconfig/ssl/ directory on the ADC.
Note: The key must be an HSM key.
To add a certkey pair on the ADC by using the CLI:
At the command prompt, type:
add ssl certkey <CertkeyName> -cert <cert name> -hsmkey <KeyName>
To add a certkey pair on the ADC by using the GUI:
- Navigate to Traffic Management > SSL.
- In Getting Started, select Install Certificate (HSM) and create a certificate-key pair using an HSM key.
4) Create a virtual server and bind the certificate-key pair to this virtual server.
For information about creating a virtual server, click SSL virtual server configuration.
For information about adding a certificate-key pair, click Add or update a certificate-key pair.
For information about binding a certificate-key pair to an SSL virtual server, click Bind the certificate-key pair to the SSL virtual server.
The official version of this content is in English. Some of the Citrix documentation content is machine translated for your convenience only. Citrix has no control over machine-translated content, which may contain errors, inaccuracies or unsuitable language. No warranty of any kind, either expressed or implied, is made as to the accuracy, reliability, suitability, or correctness of any translations made from the English original into any other language, or that your Citrix product or service conforms to any machine translated content, and any warranty provided under the applicable end user license agreement or terms of service, or any other agreement with Citrix, that the product or service conforms with any documentation shall not apply to the extent that such documentation has been machine translated. Citrix will not be held responsible for any damage or issues that may arise from using machine-translated content.
THIS SERVICE MAY CONTAIN TRANSLATIONS POWERED BY GOOGLE. GOOGLE DISCLAIMS ALL WARRANTIES RELATED TO THE TRANSLATIONS, EXPRESS OR IMPLIED, INCLUDING ANY WARRANTIES OF ACCURACY, RELIABILITY, AND ANY IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
THIS SERVICE MAY CONTAIN TRANSLATIONS POWERED BY GOOGLE. GOOGLE DISCLAIMS ALL WARRANTIES RELATED TO THE TRANSLATIONS, EXPRESS OR IMPLIED, INCLUDING ANY WARRANTIES OF ACCURACY, RELIABILITY, AND ANY IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
THIS SERVICE MAY CONTAIN TRANSLATIONS POWERED BY GOOGLE. GOOGLE DISCLAIMS ALL WARRANTIES RELATED TO THE TRANSLATIONS, EXPRESS OR IMPLIED, INCLUDING ANY WARRANTIES OF ACCURACY, RELIABILITY, AND ANY IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
THIS SERVICE MAY CONTAIN TRANSLATIONS POWERED BY GOOGLE. GOOGLE DISCLAIMS ALL WARRANTIES RELATED TO THE TRANSLATIONS, EXPRESS OR IMPLIED, INCLUDING ANY WARRANTIES OF ACCURACY, RELIABILITY, AND ANY IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
THIS SERVICE MAY CONTAIN TRANSLATIONS POWERED BY GOOGLE. GOOGLE DISCLAIMS ALL WARRANTIES RELATED TO THE TRANSLATIONS, EXPRESS OR IMPLIED, INCLUDING ANY WARRANTIES OF ACCURACY, RELIABILITY, AND ANY IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
View PDF
