Line 73: |
Line 73: |
| [[File:IPSec CA Cert Generating Manager Check.png|none|none]] | | [[File:IPSec CA Cert Generating Manager Check.png|none|none]] |
| | | |
− | <br>
| |
− | Next we need to sign the CAIPSec CA. We will be Self-Signing our own CA.
| |
− | Under the '''Certificate signing''' configure as follows:
| |
− |
| |
− | - Signed Certificate Name: '''''CAIPSec'''''
| |
− |
| |
− | - Type of Certificate to Sign: '''''Certificate Authority'''''
| |
− |
| |
− | - Certificate Request File: '''''CAIPSec.req.pem'''''
| |
− |
| |
− | - Days Valid: '''''3650''''' // For this example we will use 3650 days, but you can configure this to be longer if needed. I would caution against too long of a CA.
| |
− |
| |
− | - Certificate Authority Key: '''''CAIPSec.key.pem'''''
| |
− |
| |
− | - Leave the rest of the configuration default
| |
− |
| |
− | - '''''Sign'''''
| |
− | <br>
| |
− |
| |
− | [[File:IPSec CA Cert Signing.png|none|none]]
| |
− |
| |
− | <br>
| |
− | After you hit *Sign* the CA cert you should see a notification pop-up near the top right, and if you select Certificates Manager you should see a CAIPSec.cert.pem under *Certificates*.
| |
− | <br>
| |
− |
| |
− | [[File:IPSec CA Cert Generating Confirmation2.png|none|none]]
| |
| <br> | | <br> |
| | | |
Line 138: |
Line 112: |
| <br> | | <br> |
| | | |
− | Next we need to sign the RUT1 cert.
| |
− | Under the `Certificate signing` configure as follows:
| |
− |
| |
− | - Signed Certificate Name: '''''RUT1'''''
| |
− |
| |
− | - Type of Certificate to Sign: '''''Client Certificate'''''
| |
− |
| |
− | - Certificate Request File: '''''RUT1.req.pem'''''
| |
− |
| |
− | - Days Valid: '''''3650'''''
| |
− |
| |
− | - Certificate Authority File: '''''CAIPSec.cert.pem'''''
| |
− |
| |
− | - Certificate Authority Key: '''''CAIPSec.key.pem'''''
| |
− |
| |
− | - Leave the rest of the configuration alone
| |
− |
| |
− | - '''''Sign'''''
| |
− | <br>
| |
− |
| |
− | [[File:IPSec RUT1 Cert Signing.png|none|none]]
| |
− |
| |
− | <br>
| |
− | After you hit *Sign* the Client cert you should see a notification pop-up near the top right, and if you select Certificates Manager you should see a RUT1.cert.pem under *Certificates*.
| |
− | <br>
| |
− |
| |
− | [[File:IPSec RUT1 Cert Manager Check.png|none|none]]
| |
− |
| |
− | <br>
| |
| | | |
| ====Generating Rut2 Client Cert==== | | ====Generating Rut2 Client Cert==== |
Line 205: |
Line 150: |
| | | |
| [[File:IPSec RUT2 Cert Generating Confirmation.png|none|none]] | | [[File:IPSec RUT2 Cert Generating Confirmation.png|none|none]] |
| + | |
| + | ====Signing Certificates==== |
| + | ---- |
| + | |
| + | Next we need to sign the CAIPSec CA. We will be Self-Signing our own CA. |
| + | Under the '''Certificate signing''' configure as follows: |
| + | |
| + | 1. Signed Certificate Name: '''''CAIPSec''''' |
| + | |
| + | 2. Type of Certificate to Sign: '''''Certificate Authority''''' |
| + | |
| + | 3. Certificate Request File: '''''CAIPSec.req.pem''''' |
| + | |
| + | 4. Days Valid: '''''3650''''' // For this example we will use 3650 days, but you can configure this to be longer if needed. I would caution against too long of a CA. |
| + | |
| + | 5. Certificate Authority Key: '''''CAIPSec.key.pem''''' |
| + | |
| + | 6. Leave the rest of the configuration default |
| + | |
| + | 7. '''''Sign''''' |
| + | <br> |
| + | |
| + | [[File:IPSec CA Cert Signing.png|none|none]] |
| + | |
| + | <br> |
| + | After you hit *Sign* the CA cert you should see a notification pop-up near the top right, and if you select Certificates Manager you should see a CAIPSec.cert.pem under *Certificates*. |
| + | <br> |
| + | |
| + | [[File:IPSec CA Cert Generating Confirmation2.png|none|none]] |
| + | <br> |
| + | |
| + | Next we need to sign the RUT1 cert. |
| + | Under the `Certificate signing` configure as follows: |
| + | |
| + | 1. Signed Certificate Name: '''''RUT1''''' |
| + | |
| + | 2. Type of Certificate to Sign: '''''Client Certificate''''' |
| + | |
| + | 3. Certificate Request File: '''''RUT1.req.pem''''' |
| + | |
| + | 4. Days Valid: '''''3650''''' |
| + | |
| + | 5. Certificate Authority File: '''''CAIPSec.cert.pem''''' |
| + | |
| + | 6. Certificate Authority Key: '''''CAIPSec.key.pem''''' |
| + | |
| + | 7. Leave the rest of the configuration alone |
| + | |
| + | 8. '''''Sign''''' |
| + | <br> |
| + | |
| + | [[File:IPSec RUT1 Cert Signing.png|none|none]] |
| + | |
| + | <br> |
| + | After you hit *Sign* the Client cert you should see a notification pop-up near the top right, and if you select Certificates Manager you should see a RUT1.cert.pem under *Certificates*. |
| + | <br> |
| + | |
| + | [[File:IPSec RUT1 Cert Manager Check.png|none|none]] |
| + | |
| + | <br> |
| | | |
| <br> | | <br> |
Line 210: |
Line 215: |
| Under the `Certificate signing` configure as follows: | | Under the `Certificate signing` configure as follows: |
| | | |
− | - Signed Certificate Name: '''''RUT2'''''
| + | 1. Signed Certificate Name: '''''RUT2''''' |
| | | |
− | - Type of Certificate to Sign: '''''Client Certificate'''''
| + | 2. Type of Certificate to Sign: '''''Client Certificate''''' |
| | | |
− | - Certificate Request File: '''''RUT2.req.pem'''''
| + | 3. Certificate Request File: '''''RUT2.req.pem''''' |
| | | |
− | - Days Valid: '''''3650'''''
| + | 4. Days Valid: '''''3650''''' |
| | | |
− | - Certificate Authority File: '''''CAIPSec.cert.pem'''''
| + | 5. Certificate Authority File: '''''CAIPSec.cert.pem''''' |
| | | |
− | - Certificate Authority Key: '''''CAIPSec.key.pem'''''
| + | 6. Certificate Authority Key: '''''CAIPSec.key.pem''''' |
| | | |
− | - Leave the rest of the configuration alone
| + | 7. Leave the rest of the configuration alone |
| | | |
− | - '''''Sign'''''
| + | 8. '''''Sign''''' |
| <br> | | <br> |
| | | |