In order to obtain a signed certificate from a trusted Certificate Authority (CA) such as Verisign, you need to provide the CA with a Certificate Signing Request (CSR). There are many different ways to generate a CSR, but here's a way to do it using the OpenSSL command line tool.
- Generate a key:
openssl genrsa -out host.key 2048Keep your .key file in a safe place - you will need to upload it to your Appliance later.
- Generate a CSR:
openssl req -new -key host.key -out host.csrMake sure to set Common Name (CN) to the hostname of appliance.
- Send the .csr file to your CA (i.e. Verisign, GoDaddy). The CA will use your CSR to
issue you a signed certificate (.crt file).