This article details how to create a Certificate Signing Request (CSR) for an SSL certificate and then import the certificate to the PGP Universal Server.
Services that the PGP Universal Server runs that use the SSL protocol require a server-side SSL/TLS certificate, which includes the DNS name for the IP address on which the service is running. To issue a certificate, the Certificate Authority needs information found in a certificate request.
To create a Certificate Signing Request (CSR)
- Click the icon in the Action column of the Organization Certificate row. The Generate Organization Certificate dialog box appears.
- Type a name for the certificate in the Common Name field.
- Type an email address in the Contact Email field.
- Type your organization's name in the Organization Name field.
- Type your organization's unit designation in the Organization Unit field.
- Type a city or locality, as appropriate, in the City/Locality field.
- Type a state or province, as appropriate, in the Province/State field.
- Type a country in the Country field.
- To generate a certificate signing request (CSR), click Generate CSR. If you choose this option, the certificate appears on the Certificate page labeled Pending. When the certificate has been validated and returned by the Certificate Authority (CA), import the certificate.
The New SSL/TLS Certificate dialog box disappears. The certificate request is created with the settings you specified. The CSR dialog box appears, showing the certificate request.
- Copy the contents of the CSR dialog box to a file, then click OK.
- Submit this file to your CA.
Once the CA approves and sends the certificate back to you.
- After you receive the certificate from the CA, import it as your Organization Certificate.
Importing the SSL Certificate
- Click the plus sign icon in the Import column of the pending certificate you are adding. The Add Certificate to Key dialog box appears.
- Paste the validated certificate file that was sent to you by the CA into the Certificate Block box.
- Click Save.
The Add Certificate to Key dialog box disappears. The certificate is ready for inspection and can be assigned to an interface.