To generate a
CSR in Cobalt Raq 550 follow the instructions below:
1. Select
Server Management > Security > SSL. The Certificate Information for Server
Desktop screen appears along with its associated buttons
2. To create
a new self-signed certificate, click Create Self-Signed Certificateand configure
the selections as follows:
-City.
The city in which the organization is located or registered. It is important
that this information is correct and can be verified with a local, regional, or
national government, or other official organization.
-State or
Province. The state, province, or region in which the above city is located.
It is important that this information is correct and can be verified with a
local, regional, or national government or other official organization.
-Country.
Select the country in which the organization that will use this certificate is
located or registered. It is important that this information is correct and can
be verified with a local, regional, or national government or other official
organization.
-Organization. The official name of the organization owning this
certificate. In order to obtain a signed certificate from a certificate
authority, the organization name and location must be verifiable with a local,
regional, or national government or other official organization. In addition,
the certificate authority must be able to verify that the person requesting the
certificate is the owner or employee of the named organization.
-Organization Unit. The division or unit of the organization that is using
this certificate. This is optional, but may be useful if the person applying for
a signed certificate is an employee of a subsidiary of a larger organization.
-Contact
Email. The email address to be contacted for information about this
certificate.
-Certificate Expiration Date. The date after which the certificate should no
longer be considered valid by client software attempting to connect to this
server.
3. Click
Create Signing Request to create a certificate signing request.
Note: In some
cases, the state and province information does not apply, depending on the
country and how it is divided into different areas.
4. After the
fields are filled in, activate the Generate Self-Signed Certificate checkbox.
This allows you to generate a self-signed certificate along with the signing
request. The self-signed certificate can be used temporarily while you wait for
the Certificate Authority to process your signing request. The certificate
signing request can be submitted to a Certificate Authority to create a signed
certificate that Web browsers can verify as authentic.
5. Click
Manage Certificate Authorities to add or remove secondary certificate
authorities for this site. The Certificate Authority Management for Server
Desktop screen appears. Note: Secondary certificate authorities are usually not
needed, but certain authorities issue an extra certificate to be used for client
authentication in addition to the usual server certificate that most certificate
authorities issue.
6. Configure
the settings as follows:
-Certificate
Authority Name. Enter a unique name to identify this secondary certificate
authority.
-Select
Certificate. Click Browse to select the file that contains the certificate
authority’s certificate. The certificate should be the only thing in the file.
7. Click
Import to import a signed certificate
8. Click
Browse to select the text file containing the certificate to import.
The
certificate file must contain both the private key and certificate sections if
you are transferring it from another server. If the certificate is from a
certificate authority to which you submitted a certificate signing request
generated by this server, only the certificate is necessary, but it is okay if a
private key is included with the signed certificate.
9. Click
Export to download the current private key and certificate, so the certificate
can be transferred to another server.
To generate
the key and CSR for Cobalt XTR please follow the steps below:
Enable SSL on
a virtual site:
1. Select the Server Management tab at the top. The Virtual Site List table
appears.
2. Click the green pencil icon next to the virtual site on which you want to
enable SSL. The User List table appears.
3. Select Site Settings > General on the left side.
4. Click to enable the check box Enable SSL.
5. Click Save Changes.
The server appliance saves the configuration of the virtual site.
Generate a
self-signed certificate
Once the Server Administrator has enabled SSL, the Site Administrator must now
create a self-signed certificate. The self-signed certificate can be signed
later by an external authority.
1. Under the Site Management (<sitename>) tab, select Site Settings > SSL on the
left side. The Certificate Subject Information table appears.
2. Enter the following information:
Country: Enter the two-letter country code (for example, AU for Australia or US
for United States).
State: Enter the name of the state (for example, New South Wales or California).
Locality: Enter the city or locality (for example, Sydney or Toronto).
Organization: Enter the name of the organization (for example, The Widgets
Corporation).
Organizational Unit: As an option, enter the name of a department (for example,
Hardware Engineering).
3. Select Generate self-signed certificate from the pull-down menu at the
bottom.
4. Click Save Changes.
The server appliance processes the information and regenerates the screen with
the new self-signed certificate in the Certificate Request and Certificate
windows.
Install certificate
To install the
certificate into Cobalt XTR follow the steps below:
1. Under the
Site Management (<sitename>) tab, select Site Settings > SSL on the left side.
The Certificate Subject Information table appears.
2. Highlight and remove the information currently in the Certificate window.
3. On the Web site or in the email from the external certification authority,
highlight and copy the information received.
4. Return to the Server Desktop UI and paste the new certificate information
that you copied in Step 3 into the Certificate window.
5. Select Use manually entered certificate from the pull-down menu at the
bottom.
