User's Manual 13. Configuring SSL/TLS Certificates
Version 6.8 121 Mediant 500L MSBR
13.2 Assigning CSR-based Certificates to TLS Contexts
The following procedure describes how to request a digitally signed certificate from a
Certification Authority (CA) for a TLS Context. This process is referred to as a certificate
signing request (CSR) and is required if your organization employs a Public Key
Infrastructure (PKI) system. The CSR contains information identifying the device (such as a
distinguished name in the case of an X.509 certificate).
To assign a CSR-based certificate to a TLS Context:
1. Your network administrator should allocate a unique DNS name for the device (e.g.,
dns_name.corp.customer.com). This DNS name is used to access the device and
therefore, must be listed in the server certificate.
2. Open the TLS Contexts page (Configuration tab > System menu > TLS Contexts).
3. In the TLS Contexts table, select the required TLS Context index row, and then click
the Context Certificates button, located at the bottom of the TLS Contexts page;
the Context Certificates page appears.
4. Under the Certificate Signing Request group, do the following:
a. In the 'Subject Name [CN]' field, enter the DNS name.
b. Fill in the rest of the request fields according to your security provider's
instructions.
c. Click the Create CSR button; a textual certificate signing request is displayed in
the area below the button:
Figure 13-2: Certificate Signing Request Group
5. Copy the text and send it to your security provider (CA) to sign this request.
6. When the CA sends you a server certificate, save the certificate to a file (e.g., cert.txt).
To Next Page
Loading...
