D-Link DSR-Series User Manual 100
Section 7 - VPN
Self Certiīcate Requests
To request a self certiīæcate to be signed by a CA, you can generate a Certiīæcate Signing Request from the router
by entering identiīæcation parameters and passing it along to the CA for signing. Once signed, the CAās Trusted
Certiīæcate and signed certiīæcate from the CA are uploaded to activate the self -certiīæcate validating the identity
of this gateway. The self certiīæcate is then used in IPsec and SSL connections with peers to validate the gatewayās
authenticity.
To generate a certiīæcate signing request:
1. Click VPN > IPSec VPN > Certiī cates > Self Certiī cate Requests.
2. Click New Self Certiī cate.
3. Complete the īæelds in the table below and click Save.
Field Description
Name Enter a name (identiīæer) for the certiīæcate.
Subject
This īæeld will populate the CN (Common Name) entry of the generated certiīæcate. Subject names are usually
deīæned in the following format: CN=<device name>, OU=<department>, O=<organization>, L=<city>,
ST=<state>, C=<country>. For example: CN=router1, OU=my_company, O=mydept, L=SFO, C=US.
Hash Algorithm Select the algorithm from the drop-down menu. Select either MD5 or SHA-1.
Signature Key Length Select the signature key length from the drop-down menu. Select either 512, 1024, or 2048
Application Type Select the application type from the drop-down menu. Select either HTTPS or IPSec.
IP Address Enter an IP address (optional).
Domain Name Enter a domain name (optional).
Email Address Enter your email address.
Save Click Save to save and activate your settings.
To Next Page
Loading...
Need help?
General
