TLS Certificates: Difference between revisions
| (10 intermediate revisions by the same user not shown) | |||
| Line 97: | Line 97: | ||
The '''DH parameters''' refers to the parameters used in the Diffie-Hellman key exchange. This cryptographic protocol allows two parties to generate a shared secret over an untrusted communication channel securely. In practical use, such as with VPNs, TLS/SSL, or routers, DH parameters are used to securely generate session keys for encrypting data. Generating a DH Parameters follows similar steps: | The '''DH parameters''' refers to the parameters used in the Diffie-Hellman key exchange. This cryptographic protocol allows two parties to generate a shared secret over an untrusted communication channel securely. In practical use, such as with VPNs, TLS/SSL, or routers, DH parameters are used to securely generate session keys for encrypting data. Generating a DH Parameters follows similar steps: | ||
#Select '''DH Parameters''' file type. | The first step is to generate a Certificate Authority (CA) certificate, which will be used to sign both server and client certificates. | ||
#Click on the '''<span style="color:#0455a4"; font-size: 1.2em;>Certificate actions</span>''' button. | |||
#Select the '''<span style="color:#0455a4"; font-size: 1.2em;>Create</span>''' option | |||
[[File:Tls certificates rutos create certificate.png|border]] | |||
#<li value="3">Select '''DH Parameters''' file type. | |||
#Select '''Key Size''' | #Select '''Key Size''' | ||
#Enter '''Common Name''' | #Enter '''Common Name''' | ||
#Click [[File:Tls certificates | #Click the [[File:Tls certificates rutos create certificate ca create button.png|58px]] button | ||
[[File:Tls certificates dh.png| | [[File:Tls certificates rutos create dh certificate pt1.png|border]] | ||
====Generation of "Let's Encrypt" Certificate & Key==== | ====Generation of "Let's Encrypt" Certificate & Key==== | ||
| Line 107: | Line 113: | ||
Let's Encrypt provides free SSL/TLS certificates that are widely used for securing web services, VPNs, and other network communications. In practical use, such as with websites, routers, or VPNs, the Let's Encrypt certificate and key enable HTTPS connections or secure tunnels. Generating a Let's Encrypt certificate and key follows similar steps: | Let's Encrypt provides free SSL/TLS certificates that are widely used for securing web services, VPNs, and other network communications. In practical use, such as with websites, routers, or VPNs, the Let's Encrypt certificate and key enable HTTPS connections or secure tunnels. Generating a Let's Encrypt certificate and key follows similar steps: | ||
#Select the "'''Let's Encrypt'''" file type. | #Click on the '''<span style="color:#0455a4"; font-size: 1.2em;>Certificate actions</span>''' button. | ||
#Enter the '''Domain''' name | #Select the '''<span style="color:#0455a4"; font-size: 1.2em;>Create</span>''' option | ||
[[File:Tls certificates rutos create certificate.png|border]] | |||
#<li value="3">Select the "'''Let's Encrypt'''" file type. | |||
#Enter the '''Domain''' name that is linked to the device's e public IP address. | |||
#Enable '''Automatic renewal''' if you'd like the certificates to be automatically renewed every 60 days (Optional). | #Enable '''Automatic renewal''' if you'd like the certificates to be automatically renewed every 60 days (Optional). | ||
#Click [[File:Tls certificates | #Click the [[File:Tls certificates rutos create certificate ca create button.png|58px]] button | ||
[[File:Tls certificates lets encrypt.png| | [[File:Tls certificates rutos create lets encrypt certificate pt1.png|border]] | ||
====Generation of SCEP Certificate & Key==== | ====Generation of SCEP Certificate & Key==== | ||
---- | |||
SCEP (Simple Certificate Enrollment Protocol) automates the process of obtaining digital certificates from a certificate authority (CA). The client submits a certificate request to the SCEP server, which acts as an intermediary between the client and the CA. This protocol facilitates secure authentication and encryption, simplifying certificate management and renewal, especially in large-scale deployments. | SCEP (Simple Certificate Enrollment Protocol) automates the process of obtaining digital certificates from a certificate authority (CA). The client submits a certificate request to the SCEP server, which acts as an intermediary between the client and the CA. This protocol facilitates secure authentication and encryption, simplifying certificate management and renewal, especially in large-scale deployments. | ||
#Select '''SCEP''' as the '''File type''' | #Click on the '''<span style="color:#0455a4"; font-size: 1.2em;>Certificate actions</span>''' button. | ||
#Select the '''<span style="color:#0455a4"; font-size: 1.2em;>Create</span>''' option | |||
[[File:Tls certificates rutos create certificate.png|border]] | |||
#<li value="3">Select '''SCEP''' as the '''File type''' | |||
#Select '''Key Size''' | #Select '''Key Size''' | ||
#Enter the '''Common name''' | #Enter the '''Common name''' | ||
#Enter URL address of the SCEP server | #Enter URL address of the SCEP server | ||
#Enter the '''Challenge''' passkey (the unique value generated by the server for each session) | #Enter the '''Challenge''' passkey (the unique value generated by the server for each session) | ||
#Click | #Click the [[File:Tls certificates rutos create certificate ca create button.png|58px]] button | ||
[[File:Tls certificates scep | [[File:Tls certificates rutos create scep certificate pt1.png|border]] | ||
===Windows & Linux systems=== | ===Windows & Linux systems=== | ||