D-Link DSR-Series User Manual 117
Section 7 - VPN
Self Certiīcate Requests
To request a self certiīcate to be signed by a CA, you can generate a Certiīcate Signing Request from the router
by entering identiīcation parameters and passing it along to the CA for signing. Once signed, the CAās Trusted
Certiīcate and signed certiīcate from the CA are uploaded to activate the self -certiīcate validating the identity
of this gateway. The self certiīcate is then used in IPsec and SSL connections with peers to validate the gatewayās
authenticity.
To generate a certiīcate signing request:
1. Click VPN > IPSec VPN > Certiīcates > Self Certiīcate Requests.
2. Click New Self Certiīcate.
3. Complete the īelds in the table below and click Save.
Field Description
Name Enter a name (identiīer) for the certiīcate.
Subject
This īeld will populate the CN (Common Name) entry of the generated certiīcate. Subject names are
usually deīned in the following format: CN=<device name>, OU=<department>, O=<organization>,
L=<city>, ST=<state>, C=<country>. For example: CN=router1, OU=my_company, O=mydept, L=SFO,
C=US.
Hash Algorithm
Select the algorithm from the drop-down menu. Select any one from the following: MD5, SHA-1,
SHA256, SHA384, and SHA512.
Signature Key Length Select the signature key length from the drop-down menu. Select either 512, 1024, or 2048
Application Type Select the application type from the drop-down menu. Select either HTTPS or IPSec.
IP Address Enter an IP address (optional).
Domain Name Enter a domain name (optional).
Email Address Enter your email address.
Save Click Save to save and activate your settings.
To Next Page
Loading...
Need help?
General
