Obtaining a self-signed certificate
To obtain a self-signed certificate, open a command prompt and execute the
following command:
c:\key>c:\openssl\bin\openssl x509 -req -sha256 -days 10000 -in
server.csr -signkey server.key -out server.crt
Note: This command uses SHA-256 as a hash algorithm. MD5 or SHA-1 is
not recommended for a hash algorithm due to its low security level.
This command creates a server.crt file in the c:\key folder, which is valid
for 10,000 days. This is the signed private key, which is also referred to as a
self-signed certificate.
Obtaining a signed and trusted certificate
To obtain a signed and trusted certificate, you must obtain a certificate
signing request (CSR), send that file to a Certificate Authority (CA), and
request that the CA issue a signed and trusted certificate. Each certificate
authority has its own procedures and requirements. Use of this certificate
results in higher reliability in exchange for greater cost and requirements.
The signed and trusted certificate is the signed public key.
Verifying and releasing an SSL certificate passphrase
An SSL certificate cannot be applied for the SVP if the passphrase is set. If
the passphrase is set, release the passphrase for the SSL certificate before
applying the SSL certificate to the SVP. The following procedure explains how
to verify and release the passphrase settings.
Before you begin
• A private key (.key file) has been created.
• OpenSSL must be installed. In this procedure, it is installed in C:\openssl.
Procedure
1. Open a command prompt window with administrator permissions.
2. Move the current directory to the folder (for example, C:\key) where the
key file is stored, and run the following command:
Caution: Executing this command will overwrite the current key
file. To prevent loss of the key file, do one of the following:
• Back up the key file first.
• Use a different key file input destination and output destination.
C:\key>C:\openssl\bin\openssl rsa -in key-file-input-
destination -out key-file-output-destination
Setting up security 217
System Administrator Guide for VSP Gx00 models and VSP Fx00 models
To Next Page
Loading...
Need help?
General