How to create a Certificate Signing Request using OpenSSL?

How to create and import a signed certificate with private key into GMS/Analytics for HTTPS login using OpenSSL.

Feature/Application:

When a signed certificate along with its private key requires to be imported into the SonicWall GMS, the certificate can be in the Java Key Store format with .jks extension or a signed public certificate and private key file. Import is done under the Deployment > Settings page of System Interface (/appliance) of GMS/Analytics.  This article provides instructions for creating and importing a public certificate and private key file. The certificate file (.crt/.cer), its corresponding key file (.key) and the password are required.

Procedure:

Installing OpenSSL for Windows:

1: OpenSSL download page - OpenSSL Download
2: Download Win32 OpenSSL v? (latest version)
3: Launch OpenSSL .exe file
4: Open Command Prompt (DOS) as Administrator
5: Type at prompt: cd c:\openssl-win32\bin (If your folder is not in c:\openssl-win32 then change command appropriately)

Creating CSR and private key using OpenSSL:

1: Use the following command to create CSR and private key file via command prompt:

Navigate to - [install location]:\OpenSSL-Win32\bin

openssl req -out CSR.csr -new -newkey rsa:2048 -nodes -keyout privateKey.key

2: After step 1 is run you will be prompted for appropriate info for CSR generation (Common Name, Organization, etc).

3. Once you finish all prompts, the CSR and Key file will be generated.
4: Gather CSR and private key files from the OpenSSL-Win32\bin folder.
5: Submit the CSR to CA for re-key of your current certificate or request of new certificate.

Importing certificate into GMS

1: Gather the signed certificate from CA (Apache or Tomcat format).
2: Import certificate (provided from CA) and .key file created via OpenSSL from the System Interface under Deployment>Settings>SSL Access Configuration of System Interface (/appliance).
3: Reboot server.