Changing the certificate used by the OneConnect client/server

Last modified on 28 Nov, 2022. Revision 11
Changing the certificate used by the OneConnect client/server
Up to date for
14.00.06
Supported since
13.06.10
Status OK

Question

I want to replace the default HTTPS/SSL certificate with one that I have created, how do I do that?

Answer

Assuming that the new certificate is correctly uploaded to the firewall, follow this procedure:

  1. Open the configuration and go to System->Remote Management->Advanced Settings. Under WebUI->HTTPS Certificate change the certificate to the one you want to use.
  2. Deploy the change and then restart the firewall.

Requirements for the certificate to be used in OneConnect can be found here.

https://kb.clavister.com/336138791/oneconnect-vpn-certificate-not-trusted

This operation will also change the default HTTPS certificate used for firewall WebUI management as well and will also update the certificate for the SSL VPN legacy server.



Related articles

Configure the Android OpenConnect client towards Clavister NetWall
23 Aug, 2022 sslvpn openconnect oneconnect android core
Configure Clavister OneConnect for Windows towards Clavister NetWall
29 Oct, 2021 sslvpn openconnect oneconnect windows
Configure Linux OpenConnect towards Clavister NetWall
5 Mar, 2021 sslvpn openconnect oneconnect linux core
Configuring SSL-VPN / OneConnect server on secondary Firewall IP address
8 Apr, 2021 core sslvpn oneconnect interfaces arp
OneConnect VPN certificate not trusted
18 Mar, 2024 onetouch sslvpn oneconnect troubleshoot certificate
Avoiding cOS Core HA interruptions during configuration deployment
20 Feb, 2023 ha core idp cli cluster antivirus configuration
Changing the certificate used by cOS Core's SSL VPN client/server
25 Nov, 2022 core configuration sslvpn management
Configure the OpenConnect-GUI client towards Clavister NetWall
23 Aug, 2022 sslvpn openconnect oneconnect macos windows linux core