Issue:
Creating an SSL certificate for NetBotz 750/755
Product Line:
NetBotz
Environment:
NBWL0755
NBRK0750
SSL cert
Cause:
In many instances, customers may want to create their own cert for a NetBotz appliance. The following is an example of how to create one for a NetBotz 700 series devices. Please note that this is not specific to NetBotz, it's just an example that can be used with them.
Resolution:
You can generate your own CSR with openssl or do it through one of the certificate providers. Its generally more secure to do it locally with openssl since you will have control over your private keys.
The first thing you need to do is to create a key for each of your devices. Here, we're using $DEVICE as a placeholder for each device name.
openssl genrsa -out $DEVICE.key 2048
Then you will need to use this key (per device) to generate a CSR for each device:
openssl req -new -key $DEVICE.key -out $DEVICE.csr
You will be asked to fill in:
• Country name (2 letter code)
• State or Province name
• Locality (eg, city)
• Organization (company name)
• Organizational unit (division, etc)
• Common name (CN which will be your machines FQDN – fully qualified domain name such as host.company.com)
• Email address
You should skip the extra attributes (especially the password).. just hit enter
Now you can use this CSR on one of the many commercial certificate authorities. If they ask for a SAN (subject alternative name) it’s a good idea to at least put the FQDN here but any aliases for the machine as well.
When you are done creating the CSR you can view it using:
openssl req -in $DEVICE.csr -text -noout
At this point, obviously you can install it in the NetBotz appliance under the following menu:
Settings-->System-->SSL certificate.