NETGEAR FVX538v2 - ProSafe VPN Firewall Dual WAN Application Note

Generating a Self Certificate Request Using OpenSSL
for an FVX538 or FVS338 ProSafe® VPN Firewall
Summary
This application note describes how to configure a self certificate request (CSR) on one
WAN interface of a NETGEAR FVX538 or FVS338 ProSafe VPN Firewall using
OpenSSL to create the certificate authority. The procedure is the same for both models.
This application note is an updated version using the version 2.x router firmware. The
older version of this application note describes the procedure using version 1.x firmware.
Procedure
This procedure was developed and tested using:
• NETGEAR FVX538 ProSafe VPN Firewall with version 2.x firmware
o IP address subnet: 192.168.1.1; 255.255.255.0
The procedure includes how to generate a self certificate request, and then how to use
OpenSSL commands to create the certificate authority.
Generating a Self Certificate Request
You can create a CSR from the Generate Self Certificate Request section of the VPN
> Certificates page (certificates.htm) by specifying the values in this procedure.
1. In the Name field, type a name for the certificate (for example, cert1).
2. In the Subject field, type an appropriate subject (for example, FVX538).
3. From the Hash Algorithm drop-down menu select the appropriate algorithm (for
example, MD5).
4. From the Signature Algorithm drop-down menu, select the RSA algorithm.
5. From the Signature Key Length drop-down menu, select the appropriate key length
(for example, 512).
6. In the IP Address field (optional), you can type an IP address or leave it blank.
7. In the Domain Name field (optional), you can type a domain name or leave it blank.
8. In the E-Mail Address field (optional), you can type an email address or leave it
blank.
Application Note