Cisco Cisco Web Security Appliance S160 Guía Del Usuario

Click Generate. The Web Security appliance generates the certificate with the data you entered and 
generates a key.

The generated certificate information is displayed on the Edit Key Management Settings page.

After you generate the certificate and key, you can download the generated certificate to 
transfer it to the SaaS applications with which the Web Security appliance will 
communicate. Do this using the Download Certificate link in the generated key area. 

Optionally, you can download the Certificate Signing Request (CSR) using the Download 
Certificate Signing Request link so you can submit it to a certificate authority (CA). After you 
receive a signed certificate from the CA, click Browse and navigate to the signed certificate 
location. Click Upload File. You can do this anytime after generating the certificate on the 
appliance. 

Submit your changes.

You can back up the certificates and keys the HSM card manages to an XML file. Similarly, you can 
restore the certificates and keys from the XML file to the HSM card. Backing up includes all certificates 
and keys stored in the HSM card in the XML file. The keys are encrypted before being stored to the file. 
When you restore from the XML file, you can choose which certificate and key pairs to restore.

When you save the appliance configuration to a file, the certificate and keys the HSM card manages are 
not included in the configuration file. Also, if you restore the appliance configuration from a file that 
erroneously includes certificate and key information, AsyncOS ignores the certificate and key 
information in the file.

To back up and restore certificates and keys, use the Backup Certificates and Keys section on the Edit 
Key Management Settings page. 

 shows where you back up and restore certificates and keys 

on the Edit Key Management Settings page.