Create an internal ECDSA certificate authority for VPN gateways

The Elliptic Curve Digital Signature Algorithm (ECDSA) is a digital signature algorithm that uses elliptic curve cryptography. If you want to use the ECDSA signature algorithm for signing VPN certificates, create an Internal ECDSA CA for Gateways.

You can create one Internal ECDSA CA for Gateways. You can use both an Internal ECDSA CA for Gateways and an Internal RSA CA for Gateways at the same time. When there is more than one valid CA, you can select which CA signs each certificate.

For more details about the product and how to configure features, click Help or press F1.

Steps

  1. Select Configuration, then browse to Secure SD-WAN.
  2. Browse to Other Elements > Certificates > SD-WAN Certificate Authorities.
  3. Right-click SD-WAN Certificate Authorities, then select Create New SD-WAN ECDSA Certificate Authority.
    A new Internal ECDSA CA for Gateways is created.

Result

The ECDSA CA for Gateways is ready to use for signing certificates.