Generate New SSL certificate for SonicWall Firewall

07/21/2022 914 People found this article helpful 483,291 Views

Description

The process to create a new certificate from your SonicWall Appliance.

Resolution

Resolution for SonicOS 7.X

This release includes significant user interface changes and many new features that are different from the SonicOS 6.5 and earlier firmware. The below resolution is for customers using SonicOS 7.X firmware.

CAUTION:Will require a restart of the Firewall

In order to request and import a certificate from a certificate authority that will work on your appliance you will need to create a certificate signing request from the appliance

Go to Device| Settings| Certificates and then click on New Signing Request
Fill out the Certificate Signing Request with information with the Fully Qualified Domain Name (FQDN) you will be using for the SSL. Click the Generate button to create the CSR.
TIP: wildcard for a domain would be *.yourdomain.com, wildcards cost more but authenticate all subdomains on the domain
Download the CSR and you can open the content with a text editor. Notepad ++ is a good option because it keeps the format that works best for copying a csr request over to a Certificate Authority
Request the signed certificate from your Certificate Authority providing this CSR content.
Once you get the certificate back from the Certificate authority upload the certificate to the Pending Request.
Restart the appliance to verify the certificate is installed and appears as Validated.

If the certificate shows validated No use the following article to import the certificate chain to validate the SSL:

Importing Certificate Authority Chain

Resolution for SonicOS 6.5

This release includes significant user interface changes and many new features that are different from the SonicOS 6.2 and earlier firmware. The below resolution is for customers using SonicOS 6.5 firmware.

CAUTION: Will require a restart of the Firewall

In order to request and import a certificate from a certificate authority that will work on your appliance you will need to create a certificate signing request from the appliance

1. Go to Manage | Appliance | Certificates and then click on New Signing Request

2. Fill out the Certificate Signing Request with information with the Fully Qualified Domain Name (FQDN) you will be using for the SSL. Click the Generate button to create the CSR.

TIP: wildcard for a domain would be *.yourdomain.com, wildcards cost more but authenticate all subdomains on the domain

3. Download the CSR and you can open the content with a text editor. Notepad ++ is a good option because it keeps the format that works best for copying a csr request over to a Certificate Authority.