1 Get the SSL certificate
After successfully applying for an SSL certificate in Wotong, you will get a compressed package file with a password. After entering the certificate password, you will get five files after decompression: for Apache , for IIS , for Ngnix , for Tomcat , for Other Server , this is the number of certificates. In this format, Sangfor ssl vpn requires certificates in for IIS and for Other Server formats. 
figure 1
1.2 Unzip the certificate file
Unzip the for IIS compressed package, you will get a certificate in www.xxx.com.pfx format,
1.3 Install the SSL certificate
1. You need to import as shown below, log in to the Sangfor SSL VPN management background, click System Configuration - Set Certificate - Update, follow the prompts to import the pfx certificate, and the password is the same as the password of the compressed file.
2. Open the certificate file for Other Server , create a new txt text file, open it with Notepad in the order of 1 , 2 , and 3 below, copy and paste it into the new txt file (note that there cannot be any code between the two codes during the pasting process). Empty line), rename it to bundle.crt ; 3. Import the synthesized bundle.crt certificate chain file, add SSL VPN settings - authentication settings - (external CA); import the synthesized crt file according to the prompts.
4. Restart the VPN
and enter in the browser address bar: apply for the domain name of the certificate to test whether your SSL certificate is installed successfully. If successful, a security lock sign will be displayed behind the browser address bar. Test the installation configuration of the site certificate.