Deploy a Custom Certificate on Windows User-ID Agent

Complete the following procedure to obtain and deploy custom certificates for mutual authentication between the Windows User-ID Agent and a firewall.
  1. Generate or obtain your server and client certificates.
    Based in the needs of your organization, choose one of the supported methods for generating or obtaining your custom certificates.
    The server certificate that you install on the Windows User-ID Agent requires the Privacy Enhanced Mail (PEM) format and an encrypted passphrase.
  2. Upload the server certificate to the Windows User-ID Agent.
    Under Server Certificate on the Windows User-ID agent, upload the server certificate and enter the private key password.
  3. Configure the client certificate profile on the firewall.
  4. Apply the certificate profile.
    On the firewall, select DeviceUser IdentificationConnection Security and choose the certificate profile.

Related Documentation