You can generate server and client certificates, view information on the issuance and management of digital certificates across your organization by viewing server and client certificates.

1. From the navigation bar, select Network Control > Policies & Profiles.
   The Policies & Profiles page is displayed.
2. In the Policies & Profiles page, click Certificate Template.
   The Certificate Template page is displayed. By default, the Certificate tab is displayed.
3. Select the Server & Client Certificates tab.
   The Server & Client Certificates page is displayed.

   
4. On the upper right-hand corner, click Generate Certificate.
   The Generate Certificate page is displayed.
5. On the upper-right corner, click Generate Certificate.
   The Generate Certificate page is displayed. The Generate Certificate has the followin options.

   • Generate Certificate: Creates a new server, client certificate signed by CA.
   • Generate Certificate with CSR: Creates a new server certificate signed by CA.
   • Upload Certificate: Uploads a server or client sertificate.

6. In the Generate Certificate page, complete the following:
   • Certificate Template: Select a certificate template from the drop-down.
   • Identity: Select an identity from the drop-down. Alternatively, click Add to access the Create Identity sidebar and create an identity. For more information on creating an identity, refer to:
   • CSR Source: Select one of the following from the drop-down:
     • Auto-generate CSR
     • Copy & Paste CSR
   • USERNAME: Enter a username.
   • Description: Enter a description.
7. Click Generate.
   The certificate is generated.
8. (Optional) In the Certificate page, click a name.
   The Certificate Details sidebar is displayed.

   

   The Certificate Details sidebar displays the following options:

   • Certificate Information: Displays certificate details.
   • Download: Downloads the certificate.
   • Usage: Displays the usage information.
9. (Optional) Select a certificate name and click Download to download the certificate.
   The Download sidebar is displayed.

   

   The Download sidebar provides the following options:

   • View Public Key – Click this option to view the public key without downloading it.
   • Public Key – Click the Download PEM button to download a Privacy Enhanced Mail (PEM) file containing the public key.
   • View Chain – Click this option to view the certificate chain without downloading it. A certificate chain is an ordered list of certificates that allows you to verify the sender's identity and the trustworthiness of all involved Certificate Authorities (CAs).
   • Chain – Click the Download PEM button to download a PEM file containing the certificate chain. A certificate chain PEM file contains the end-to-end chain of trust information from the End-Entity Certificate (the certificate issued to the final user or device) to the Intermediate Certificates (certificates that link the end-entity certificate to the root certificate) to the Root Certificate (the top-level certificate issued by a trusted root CA).

   .