Load a Microsoft Signed Certificate [XCS v9.x]
Posted by Samuel Turi on 03 May 2011 01:02 PM

Load a Microsoft Signed Certificate [XCS v9.x]


To load a Microsoft Signed Certificate:

  1. On the WatchGuard XCS, select Administration > System > SSL Certificates.
  2. Make sure you change the size of the certificate's public key to 1024bit or 512bits.
  3. Click Generate a 'self-Signed' Certificate. The system must be rebooted.
  4. After the WatchGuard XCS has rebooted, select Administration > System > SSL Certificates, click Show installed Certificate, and then copy the Certificate Request to the clipboard.
  5. Use a web browser to go to your Microsoft CA Web Enrollment Support Page, for example: http://10.10.8.31/certsrv/
    (If Certificate Services are not already installed, select Add/Remove Windows Components, then Certificate Authority Type: Stand-alone root CA. The default is Enterprise CA, which only works with Active Directory.)
  6. Select Request a Certificate, and then click Next.
  7. Select Advanced request, and then click Next.
  8. Select Submit a Certificate request using a base64 encoded PKCS #10 file or a renewal request using a base64 encoded PKCS #7 file, and then click Next.
  9. Paste the Certificate Request from the WatchGuard XCS in the "Saved Request Window". Click Next.
  10. The Certificate is "Pending" until it is issued by the Windows CA Admin. To issue the certificate, select Administrative Tools > Certificate Authority > Pending Requests, right-click on the certificate, and then select Issue.
  11. Return to the Microsoft CA Web Enrollment Support Page, and select Check on a pending Certificate, then click Next.
  12. Select Base64, and click Download CA Certificate.
  13. When you have downloaded the certificate, copy the contents to the clipboard.
  14. On the WatchGuard XCS click Load a site Certificate.
  15. Paste the certificate request to the SSL Certificate Window, and then click Next.
  16. The WatchGuard XCS must be rebooted.
  17. After the system is rebooted you receive a warning "Website is Signed by an Unknown Authority". To resolve this warning, you must load the WatchGuard XCS certificate into your browser and assign it as trusted
(1 vote(s))
Helpful
Not helpful

Comments (0)
Post a new comment
 
 
Full Name:
Email:
Comments:
CAPTCHA Verification 
 
Please enter the text you see in the image into the textbox below (we use this to prevent automated submissions).