The TLS versions that your web server supports determine how you should install the server
certificate and key on the firewall. If your web server supports TLS 1.2 and Rivest,
Shamir, Adleman (RSA) or Perfect Forward Secrecy (
PFS) key exchange algorithms
and
your
end-entity (leaf) certificate is signed by intermediate certificates, we recommend
uploading a certificate chain (a single file)
to the firewall. Uploading the chain avoids client-side server certificate
authentication issues.