From the SSL/TLS tab of the 2X Secure Client Gateway Properties window, click the "..." link to browse to the Private Key you created during the CSR creation process, and then again to find the Certificate file that was returned to you from E-Tuğra. If you receive a certificate file that includes an intermediate (all E-Tuğra certificates are issued with one or more intermediates for security purposes), you will want to combine those two files into one .pem file before enabling your certificate.
To create that file, simply open both certificate files in a text editor and copy them into a new file in the following format:
-----BEGIN CERTIFICATE-----
(Contents of your_domain.crt file)
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
(Contents of Intermediate Certificate File
-----END CERTIFICATE-----
You should be able to enable the certificate by browsing to your new certificate.pem file and selecting it like you selected the private key, and then pressing the OK button at the bottom of the window.
Troubleshooting
If you get the error unable to get local issuer certuficate. you will need to add the intermediate certificates to the trusted.pem file on each of the clients by doing the following:
-
Open the file E-Tuğra_Root.crt in a text editor, select all, and copy to the clipboard.
-
Open the file trusted.pem in a text editor like Notepad:
Add the following line after the entry ending with -----End Certificate----- for E-Tuğra Certification Authority.
# E-Tuğra Certification Authory
(Paste the contents of e-tugra_root.crt) -
After updating the trusted.pem file you will then need to push this file to all of the client machines, then restart the client and this error should then be correcte