Run a ZTPKI certificate import manually
Table of Contents
Expand all | Collapse all
-
- Activate Next-Generation Trust Security
-
-
- Configure AWS connection
- Configure Azure Key Vault connection
-
- Workload Identity Federation authentication
- Workload Identity Federation - Azure Identity Provider authentication
- Next-Gen Trust Security Generated Key authentication
- User permissions
- Workload Identity Federation authentication
- Next-Gen Trust Security Generated Key authentication
- User permissions
- Supported OIDC claims
-
-
-
-
- Create an F5 BIG-IP LTM machine
- Create a Microsoft Azure Private Key Vault machine
- Create a Microsoft IIS machine
- Create a Microsoft Windows (PowerShell) machine
- Create a Microsoft SQL Server machine
- Create a Common KeyStore machine
- Create a Citrix ADC machine
- Create an Imperva WAF machine
- Create a VMware NSX Advanced Load Balancer (AVI) machine
- Create an A10 Thunder ADC machine
- Create a Cloudflare machine
- Create Kemp Virtual LoadMaster machine
- Create a Palo Alto Panorama machine
-
- Provision to an F5 BIG-IP LTM
- Provision to a Microsoft Azure Private Key Vault
- Provision to Microsoft IIS
- Provision to Microsoft Windows (PowerShell)
- Provision to Microsoft SQL Server
- Provision to a Common KeyStore
- Provision to a Citrix ADC
- Provision to an Imperva WAF
- Provision to VMware NSX Advanced Load Balancer (AVI)
- Provision to an A10 Thunder ADC
- Provision to Cloudflare
- Provision to a Kemp Virtual LoadMaster
- Provision to Palo Alto Panorama
-
-
- 47-Day Validity Readiness TLS Certificates dashboard
- About the Certificate Inventory
- Managing certificate lifecycle settings
- Reissuing certificates in Next-Gen Trust Security
- Downloading certificates, certificate chains, and keystores
- Retiring, recovering, and deleting certificates
- Finding certificates in the certificate inventory
- Importing certificates from a CA using EJBCA
- Notification Center overview
- Domain-based validation for external emails
- Managing user accounts
- Troubleshooting
Run a ZTPKI certificate import manually
For an existing Zero Touch PKI (ZTPKI) CA connector in Next-Gen Trust Security, you can run a certificate import job at any time.
Important: You cannot use existing ZTPKI certificate authorities you'd created before the certificate import feature was introduced. This is because the ZTPKI CA creation wizard did not include the Import step. ZTPKI CAs created before the import feature was added do not have the required Import tab. In this case, you'll need to create a new ZTPKI CA.
To import certificates from a ZTPKI CA manually
- Sign in to Next-Gen Trust Security.
- Click Configuration > Certificate Authorities.
- Find and click on an existing ZTPKI CA.
- Click the Import tab.
- (Optional) Modify the current ZTPKI policies (Product Options). Only certificates issued by the policies you select will be imported.
- (Optional) Modify the Import options.
- Click Import.
After completing this process, your Next-Gen Trust Security inventory should reflect the imported certificates issued by the selected ZTPKI policy. Verify the results in the Certificate Inventory. Use the filter or search features to confirm that the expected certificates are present.