Hej,
in v17 you can upload a Certificate without adding a private key. If i select this uploaded certificate in the Remote Certificate Field, i was not able to save it. The error "IPSec Connection "XXX" could not be updated. In my opinion, it is not necessary to include the private key of the remote certificate. The private key should only be stored on the relevant firewall.
Thanks.