Updating security certificate
If the certificate being requested is a re-key, you should select New Key for the certificate.
For a re-key, all information on the Security :: Certificates :: New Certificate section should be the same as the certificate for which re-key is being requested.
If you are exporting only one certificate, you immediately can choose to include the certificate, the private key (optionally secured by a passphrase), and/or the certificate chain, depending upon each item’s availability. If you are exporting multiple certificates, you will have the option to export each certificate individually or in a single PKCS#7 file.
When selecting to export multiple certificates as one file, click Continue to start the download.
Although certificates can include IP address SAN entries, this is not a recommended configuration in most cases.
To export one or more certificates, check the box for each desired certificate, select Export from the dropdown at the top of the table, and then click Apply.
Note: To learn more about SNI, please see Server Name Indication .
A wildcard domain name covers multiple subdomains, such as access.example.com, , and so forth.Usually, the easiest way to find the correct root for your certificate is to open the certificate file on your local machine and inspect its "Certification Path" or "Certificate Hierarchy".The root of this hierarchy or path is typically shown at the top of the tree.Note: If multiple IP addresses point to your appliance, make sure that the IP addresses assigned to a certificate correspond to that certificate's common name and subject alternative names.If you are uncertain of a hostname's corresponding IP address, you can ping the hostname to see the IP address to which it resolves.