Choose the key length for generating the server certificate.
Following values are available:
• 1024: 1024-bit keys are no longer sufficient to protect
against attacks. Not recommended.
• 2048: 2048-bit keys are a good minimum. Recommended.
• 4096: 4096-bit keys are accepted by nearly all RSA
systems. Using 4096-bit keys will dramatically increase
generation time, TLS handshake delays, and CPU usage for
TLS operations.
Choose the digest algorithm:
• SHA1: This digest algorithm provides a 160-bit fingerprint
output based on arbitrary length input.
• SHA-256: This digest algorithm generates an almost-
unique, fixed size 256-bit (32-byte) hash. Hash is a one-way
function – it cannot be decrypted back
Enter the validity date for the server certificate in days.
In our example, set to “120”.
Select a country code from the dropdown list.
In our example, set to “MA”.
Enter a state name or province.
In our example, set to “Casablanca”.
Enter a city name.
In our example, set to “Casablanca”.
Enter the organization name.
In our example, set to “GS”.
Enter an email address.
In our example its “Cert@grandstream.com”.
3. Click on button after completing all the fields for the server certificate.
Click on button to export the server certificate file in “.crt” format.
Click on button to export the server key file in “. key” format.
Click on button to revoke the server certificate if no longer needed.
Notes:
• The server certificates (.crt and .key) will be used by the GWN7000 when acting as a server.
• The server certificates (.crt and .key) can be exported and used on another OpenVPN® server.
❖ Creating Client Certificate
To create client certificate, follow below steps:
To Next Page
Loading...
Need help?
General
