Install certificates on Symantec Messaging Gateway (SMG) that were originally created or requested on a different host.
Install either Subject Alternative Name (SAN) or wildcard certificates without a generated Certificate Signing Request (CSR) on SMG.
SMG will not install a certificate without either:
the private key included in the PEM file
a CSR that already exists in the SMG
Notice: These instructions are provided as a service to our customers. Symantec Enterprise Support will not provide assistance to convert certificate formats by phone, email, or chat. For more assistance, please contact your certificate authority.
Chaining your certificate and original private key (no passphrase used to generate certificate)
Create an empty text file.
Copy the contents of your certificate and paste into the new file.
Copy the contents of any intermediate certs and paste into the file after the certificate (if needed).
Copy the contents of your private key and paste into the new file after the certificate.
Save the new file locally (e.g. certandprivatekey.pem)
Import into the SMG.
Verify the combined PEM file is structured similar to this:
-----BEGIN CERTIFICATE----- <ASCII code for certificate> -----END CERTIFICATE----- -----BEGIN RSA PRIVATE KEY----- <ASCII code for key> -----END RSA PRIVATE KEY-----
Chaining your certificate and original private key (passphrase used to generate certificate)
To modify the certificate import file, please have: