Sonic Wall – SSL Offloaders

To generate a CSR, you will need to create a key pair for your server. These two items are a digital certificate key pair and cannot be separated. If you lose your public/private key file or your password and generate a new one, your SSL Certificate will no longer match and a replacement has to be made.

Generate a Private Key and CSR

NOTE: A key length of 1024 bit is the default, but Geotrust recommends the use of a 2048 bit key.

If the request is intended for an Extended Validation certificate or a certificate with a validity period beyond December 31, 2013, the 2048 bit key length will need to be selected.

1. Create a directory called ‘C:\test’.
2. Launch “OpenSSL”.
3. Enter the following command to create a private key.  genrsa -des3 -out c:\test\key.pem 2048
4. Enter in a passphrase to protect the key (at least six characters).
5. Enter the following command to create a certificate request: req –new –key c:\test\key.pem –out c:\test\req.pem –config openssl_config.txt
6. Enter in all the required fields for the certificate you want to generate.
7. You have just created a key pair and a CSR.
8. To copy and paste the information into the enrollment form, open the file in a text editor that does not add extra characters (Notepad or Vi are recommended).
9. Copy and paste the CSR into the enrollment pages.