To generate a Certificate Signing Request (CSR), a key pair must be created from the server. These two items are a public key and a private key pair and cannot be separated. On Pulse Secure when CSR requests are made the private key will remain hidden on the Pulse system until the pending CSR request has been fulfilled with the installation/import of the signed SSL Certificate created from the CSR.
To generate a CSR for your Pulse Secure system perform the following.
Step 1: Generating your CSR:
- In the admin console, choose System > Configuration > Certificates > Device Certificates.
- Click New CSR.
- Specify the following information:
- Common Name: The Fully Qualified Domain Name that the certificate will be issued to and secure. for example www.yourdomain.com or if you are enrolling for a wildcard certificate *.yourdomain.com
- Organization Name: The Registered Organizational Name the certificate belongs to.
- Org. Unit Name: The Department within the Organization.
- Locality/City: The Business registered location (not the actual server location).
- State (fully spelled out): The business registered state or province (Do not abbreviate).
- Country/Region: The two letter ISO country code.
- Email address: Any will do.
- Key Type: Select RSA.
- Key length: Select 2048
- Random Data: Button mash your keyboard silly to create random data to augment the system random key generation.
- Click Create CSR.
- On the next screen you will get a message stating that your CSR has been successfully created.
- Scroll below and you will see your actual CSR with the following.
—-begin certificate requests —–
—-end certificate request —–
- You will copy and paste this information including the header and footer lines of begin/end into a note pad file. Eventually you will have to copy and paste this into your enrollment portal to get an SSL Certificate. The private key portion from this CSR creation remains hidden within a directory the system utilizes to store encryption keys.
Congrats! Your private key pair has now been created on this system. Your CSR request has been created and is ready for you to copy and paste its contents into the enrollment portal of the Certificate Authority you are getting your SSL Certificate from.
Note: When submitting a CSR to a CA authority, you may be asked to specify either the type of Web server on which the certificate was created or the type of Web server the certificate is for. Select Apache (if more than one option with apache is available, choose other).
If you are unable to use these instructions for your server, Acmetek recommends that you contact either the vendor of your software or the organization that supports it.
Pulse Secure Support:
For more information refer to Pulse Secure.
For installation instructions for you SSL Certificate click Here.