picture of tbs certificates
picture of tbs certificates
Our products range

Install a certificate in SonicWall - Aventail VPN

Warning: SonicWall official documentation contains few mistakes.

  • When importing the certificate as a zip, only put the server certificate in the server.crt file. In other words, rename the file cert-example.cer that we delivered to server.crt (contrary to what the documentation says, it only takes the first block into account).
  • Import the intermediate certificate (not as a ZIP). To do so, use the chain-example.txt file that we delivered.
  • Once the intermediate and the certificate are installed, tick the cas Enable the Apply (or Accept in the more recent versions). The appliance will restart to take the certificate into account.

Use of Keybot

If you used our Keybot tool in order to generate your CSR, you can also use it to create a pfx file containing your certificate, your private key and the certification chain.

  • Start by generating your .pfx file as indicated on the Keybot page, section You choose private key storage. Then retrieve your .pfx file.
  • Connect to Sonicwall go to System - Certificates.
    System menu - Sonicwall Certificates
  • Click on Import
    Sonicwall import button
  • Select Import a local end-user certificate with private key from a PCKS#12 (.p12 or .pfx) encoded file.Then select a certificate name and entre the .pfx certificate protection password. You can now click on Browser to import your .pfx file.
    Sonicwall import button

Disabling SSLv3, RC4, and 3DES

If you want to disable the obsolete protocol SSLv3 or the deprecated ciphers RC4 and 3DES, you can disble them via the SSL Settings - Configure SSL encryption menu and choose the following settings:

Sonicwall Configure SSL encryption

External documentation