Cisco Cisco Web Security Appliance S170 사용자 가이드

After you generate the certificate and key, you can download the generated certificate to 
transfer it to the client applications on the network. Do this using the Download Certificate 
link in the generated key area. 

Optionally, you can download the Certificate Signing Request (CSR) using the Download 
Certificate Signing Request link so you can submit it to a certificate authority (CA). After you 
receive a signed certificate from the CA, click Browse and navigate to the signed certificate 
location. Click Upload File. You can do this anytime after generating the certificate on the 
appliance. 

Submit your changes.

When you configure the Web Security appliance as an identity provider, the settings you define apply to 
all SaaS applications it communicates with. The Web Security appliance uses a certificate and key to 
sign each SAML assertion it creates. You can either upload or generate the certificate and key. 

For more information, see 

To upload a certificate and key for SaaS Access Control:

Log into the FIPS management console.

Click Edit Settings in the Key Management section.

Scroll down to the SaaS Single Sign On Certificate and Key section on the Edit Key Management 
Settings page.

 shows the SaaS Single Sign On Certificate and Key section.

Configure a signing certificate the appliance should use when it communicates using a secure connection 
(in the SAML flow) with service providers:

Uploaded certificate and key. Go to step 

 on page 12.

Generated certificate and key. Go to step 

 on page 12.