Export Certificates and Keys

Use the following procedure to export certificates and keys.
  1. To export certificates and keys, specify query parameters
    certificate-name
    ,
    format
    , and
    passphrase
    :
    https://
    <firewall>
    /api/?type=export&category=<certificate> &certificate-name=
    <certificate_name>
    &passphrase=
    <passphrase>
    &format=<pkcs12><pem><pkcs10>&include-key=<yes><no>&vsys=<vsys> <omit this parameter to import it into a shared location>
    • certificate-name
      —name of the certificate object on the firewall
    • passphrase
      —required when including the certificate key
    • format
      —certificate format:
      pkcs12
      ,
      pem
      , or
      pkcs10
    • include-key
      —yes or no parameter to include or exclude the key
    • vsys
      —virtual system where the certificate object is used. Ignore this parameter if the certificate is a shared object.
    You can use the example above to export a certificate signing request (CSR). If you do so, then specify the following two parameters as shown:
    • format
      pkcs10
    • include-key
      no
  2. Confirm that the XML response includes the certificate:
    -----BEGIN CERTIFICATE----- MIIDXTCCAkWgAwIBAgIJAJC1HiIAZAiIMA0GCSqGSIb3Df BAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVx aWRnaXRzIFB0eSBMdGQwHhcNMTExMjMxMDg1OTQ0WhcNMT <!-- TRUNCATED --> -----END CERTIFICATE-----

Recommended For You