SonicOS 7 Device Settings
- SonicOS 7
- About Device Settings
- Managing SonicWall Licenses
- System Administration
- Configuring the Firewall Name
- Enabling Wireless LAN and IPv6
- Changing the Administrator Name and Password
- Configuring Login Security
- Multiple Administrators Support
- Enabling Enhanced Audit Logging Support
- Configuring the Wireless LAN Controller
- Enabling SonicOS API and Configuring Authentication Methods
- Enabling GMS Management
- Configuring the Management Interface
- Client Certificate Verification
- Selecting a Language
- Configuring Time Settings
- Managing Certificates
- Administering SNMP
- Firmware Settings
- Storage
- Restarting the System
- SonicWall Support
Generating a Certificate Signing Request
You should create a Certificate Policy to be used in conjunction with local certificates. A Certificate Policy determines the authentication requirements and the authority limits required for the validation of a certificate.
To generate a certificate signing request
- Navigate to Device | Settings > Certificates.
-
Click New Signing Request. The Certificate dialog is displayed.
- Enter an alias name for the certificate in the Certificate Alias field.
-
Create a Distinguished Name (DN) using the drop-down menus shown in table below, then enter information for the certificate in the associated fields.
For each DN, you can select your country from the associated drop-down menu; for all other components, enter the information in the associated field.
Drop-down menu Select appropriate information Country - Country (default)
- State
- Locality or County
- Company or Organization
State - Country
- State (default)
- Locality, City, or County
- Company or Organization
- Department
Locality, City, or County - Locality, City, or County (default)
- Company or Organization
- Department
- Group
- Team
Company or Organization - Company or Organization (default)
- Department
- Group
- Team
- Common Name
- Serial Number
- E-Mail Address
Department - Department (default)
- Group
- Team
- Common Name
- Serial Number
- E-Mail Address
Group - Group (default)
- Team
- Common Name
- Serial Number
- E-Mail Address
Team - Team (default)
- Common Name
- Serial Number
- E-Mail Address
Common Name - Common Name (default)
- Serial Number
- E-Mail Address
As you enter information for the components, the Distinguished Name (DN) is created in the Subject Distinguished Name field.
-
Optionally, you can also attach a SUBJECT ALTERNATIVE NAME to the certificate after selecting the type from the drop-down menu:
-
Domain Name
-
Email Address
-
IPv4 Address
-
-
Select a signature algorithm from the drop-down menu:
- SHA1 (default)
- MD5
-
SHA256
-
SHA384
-
SHA512
-
Select a subject key type from the drop-down menu:
RSA (default) A public key cryptographic algorithm used for encrypting data, ECDSA Encrypts data using the Elliptic Curve Digital Signature Algorithm, which has a high strength-per-key-bit security. -
Select a subject key size or curve from the Subject Key Size/Curve drop-down menu.
Not all key sizes or curves are supported by a Certificate Authority, therefore, you should check with your CA for supported key sizes.
If you selected a Key Type of RSA, select a key size ECDSA, select a curve 1024 bits (default) prime256vi: X9.62.SECG curve over a 256 bit prime field (default) 1536 bits secp384r1: NIST/SECG curve over a 384 bit prime field 2048 bits secp521r1: NIST/SECG curve over a 521 bit prime field 4096 bits - Click Generate to create a certificate signing request file.
-
Click the Export icon. The Export Certificate Request dialog is displayed.
- Click the Export icon to download the file to your computer. An Opening <certificate> dialog displays.
-
Click OK to save the file to a directory on your computer.
You have generated the Certificate Request that you can send to your Certificate Authority for validation.
-
Click the Upload icon to upload the signed certificate for a signing request. The Upload Certificate dialog is displayed.
- Click Choose File to select a file.
- Select the file and click Open.
- Click UPLOAD.
When the Certificate Signing Request is generated, a message describing the result is displayed and a new entry appears in the Certificates table with the type Pending request.
Was This Article Helpful?
Help us to improve our support portal