Creating A Certificate Signing Request - Watchguard SSL 1000 User Manual

Vpn gateway

Hide thumbs Also See for SSL 1000:

Setup manual (6 pages)

Hardware manual (31 pages)

Quick reference manual (2 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

Table of Contents

private key from tampering and it is also required when restoring a saved configuration to the Firebox

SSL VPN Gateway. Passwords are used whether the private key is encrypted or unencrypted.

Caution: When you upgrade to Version 6.0 and save the configuration file, it cannot be used on earlier

versions of the Firebox SSL VPN Gateway. If you attempt to upload the Version 6.0 configuration file to

an earlier version, the Firebox SSL VPN Gateway becomes inoperable.

You can also import a password-protected certificate and private key pairs in the PKCS12 format. This

allows encrypted and password-protected private keys and certificates created on the Firebox SSL VPN

Gateway to be imported.

Caution: If you save the configuration on Version 4.5 of the Firebox SSL VPN Gateway, do not install it on

an earlier version of the appliance. Because the private key is encrypted in Version 4.5, older versions

cannot decrypt it and the appliance becomes inoperable.

Creating a Certificate Signing Request

The CSR is generated using the Certificate Request Generator in the Firebox SSL VPN Gateway Adminis-

tration Tool.

To create a Certificate Signing Request

Click the VPN Gateway Cluster tab a

On the Certificate Signing Request tab, type the required information in the fields and then click

Generate Request.

Note: In the field VPN Gateway FQDN, type the same FQDN that is on the General Networking tab. In

Password, type the password for the private key.

A .csr file is created. Save the certificate request on the local computer.

Email the certificate to your Certificate Authority

The certificate provider returns a signed certificate to you by email. When you receive the signed certifi-

cate, install it on the Firebox SSL VPN Gateway.

After you create the certificate request and send it to the Certificate Authority, refrain from performing

the following tasks on the Firebox SSL VPN Gateway until you receive the signed certificate back and

install it on the appliance:

• Generating another Certificate Signing Request

• Uploading a saved configuration file

• Publishing configuration settings from another appliance in the cluster

Important: When the certificate is generated and sent to the Certificate Authority, do not create

another Certificate Signing Request. The Firebox SSL VPN Gateway stores one private key. If the

Certificate Signing Request is run again, the private key is overwritten and the signed certificate will not

match.

Administration Guide

Overview of the Certificate Signing Request

Note

nd open the window for the appliance.

Note

111

Table of Contents

Troubleshooting

This manual is also suitable for:

Ssl 500 Firebox ssl series

Creating A Certificate Signing Request - Watchguard SSL 1000 User Manual

Creating a Certificate Signing Request

Troubleshooting

Related Manuals for Watchguard SSL 1000

Related Content for Watchguard SSL 1000

This manual is also suitable for:

Table of Contents