picture of tbs certificates
picture of tbs certificates
Our products range

Install a certificate on Kemp

Install the intermediate certificates

  1. First, you will need to install the intermediate certificates. Connect to the administration interface and then in the category SSL Properties, click on Manage Certificates

  2. Then click on the button "Add New", which is found in "View/Modify Services" in column "Certificates Installed"

  3. From there, you can click"Add Intermediate"

  4. Choose the intermediate certificate. Give a name to this certificate and click on "Add Certificate"

  5. Repeat this process if there are several intermediate certificates.

Install the certificate

After clicking on the button "Add New", click on "Import Certificate"

Option 1: Import the certificate and its private key in base64

Select the certificate file via the browse button associated with Certificate File. This is the downloadable certificate file (.cer / .crt) from the status page of your certificate.

Enter the private key generated with the CSR via the browse button associated with Key File. If you used Keybot to generate your private key, it is encrypted. Enter his password in the box Pass Phrase.

Then, input a unique identifier in Certificate Identifier then click Save.

Option 2: Import a PKCS # 12 file (.p12 or .pfx)

Select your PKCS # 12 file via the browse button associated with Certificate File.

Specify your passphrase in the Pass Phrase then a unique identifier for the certificate in Certificate Identifier box, then click Save box.

Enable the certificate

Now that your certificate has been installed, you must select it via the category Virtual Services. You can then create or edit a virtual service. The section SSL Properties you will then be able to choose your certificate.

Please note that the SSL Properties allows you to choose the protocols (we recommend activating only TLS 1.2 and 1.3), as well as the ciphers.

If you want to have multiple certificates on the same port and the same IP, you will need to check Require SNI hostname.

Export the certificate

If you want to export your certificate, go to Certificates & Security then Backup/Restore Certs. You will then be able to export your certificate.

Useful links