Creating Self-signed Certificates
The procedure for creating a self-signed certificate is a subset of the steps for creating a certificate request. A Certificate object with its Type property set to request is essentially a self-signed certificate which is waiting to be signed, although it cannot be used with other configuration objects.
Start by adding a new Certificate object as described previously so the certificate dialog appears. In the dialog, choose the Self Signed Certificate option.
Go through the dialog tabs, entering the certificate details. When finished, press the Start Operation button in the Create tab to generate the self-signed certificate. This can then be used with, for example, VPN tunnels.
If the certificate needs to be imported on another firewall, the .cer and .key files can be saved to the local disk using the certificate Export option. They can then be re-uploaded to another firewall through the certificate Import option in InControl or using the Web Interface.
The cOS Core Web Interface also offers a way to create self-signed certificates but with fewer options. Go to Objects > Key Ring > Add > Certificate in the Web Interface, then choose the Generate (RSA) from Source options for the new certificate. This is described in the separate cOS Core Administration Guide.
Importing Existing Certificates
If a new certificate is to be defined based on existing certificate files, then this is done by first creating a named Certificate object in InControl and then using the Import option to select the .cer file which contains the new certificate's public key. If the .key file containing the private key is present in the same directory as the .cer file, InControl will automatically import both files and the Type for the object will be set to Local.
If the .key file is not found, InControl will ask if it is to be imported as well.
If the answer is No, the Type property is set to Remote. If the answer is Yes, a file chooser dialog appears to select the private key file and the Type property becomes Local.