How certificates work

Secure SD-WAN Manager servers and Engines use certificates to identify each other in system communications, and to secure communications to external components.

Note: Do not confuse certificates with licenses. Certificates are proof of identity that components use to authenticate themselves in communications. Licenses are proof of purchase used to ensure that your organization is a legal license holder of the software.

To be able to communicate with other Secure SD-WAN Manager components, each Secure SD-WAN Manager server and Engine must have a valid certificate.

Certificates can also be used:

  • For communication with some external components.
  • In VPNs for authentication between remote gateways.
  • By Engines for TLS inspection.

By default, the certificates used in system communications are generated by the internal certificate authority (CA) that runs on the Management Server. You can optionally install the Secure SD-WAN Manager with external certificate management to use certificates issued by an external CA.

Note: You can configure the Secure SD-WAN Manager to use external certificates only when you install the Secure SD-WAN Manager. It is not possible to change to using external certificates in an existing installation. In Secure SD-WAN Manager 6.10, this feature is only available when you use the Appliance.

For more information, see the Forcepoint FlexEdge Secure SD-WAN Installation Guide.