Important Information about Firebox Certificates
Release Notes 3
Also, if you use a third-party Proxy Server or Proxy Authority certificate:
lThe CLI command will not work unless you first delete either the Proxy Server or Proxy Authority
certificate. The CLI command will regenerate both the Proxy Server and Proxy Authority default
lIf you originally used a third-party tool to create the CSR, you can simply re-import your existing third-
party certificate and private key.
lIf you originally created your CSR from the Firebox, you must create a new CSR to be signed, and then
import a new third-party certificate.
CLICommands to Regenerate Default Firebox Certificates
To regenerate any default Firebox certificates, delete the certificate and reboot the Firebox. If you want to
regenerate default certificates without a reboot, you can use these CLIcommands:
lTo upgrade the default Proxy Authority and Proxy Server certificates for use with HTTPS content
inspection, you can use the CLI command: upgrade certificate proxy
lTo upgrade the Firebox web server certificate, use the CLI command: upgrade certificate web
lTo upgrade the SSLVPN certificate, use the CLI command: upgrade certificate sslvpn
lTo upgrade the 802.1x certificate, use the CLI command: upgrade certificate 8021x
For more information about the CLI, see the Command Line Interface Reference.