Warning
CA Certificates Configured Through FDM-Managed Devices
Security Cloud Control can manage multiple devices but is limited the in additional information that is saved when the device configuration is saved, which may incur some issues when handling internal CA certificates. Security Cloud Control does not save the cert or key information of CA certificates that are configured through the FDM-managed console; if you attempt to use a CA certificate that was configured in an FDM-managed device and apply it to an SSL policy that is deployed to a secondary device, Security Cloud Control creates a local copy of the CA certificate but does not and cannot copy the key information. As a result, neither Security Cloud Control or the secondary device have the key information and the CA certificate cannot be successfully deployed. This also means that the download link for the local copy of the CA certificate is unavailable.
We strongly recommend configuring a separate CA certificate for any additional devices through an FDM-managed device, or creating CA certificates through the Security Cloud Control UI.