- Products
- Network Security
Next Generation FirewallNext-generation firewall for SMB, Enterprise, and Government
Security ServicesComprehensive security for your network security solution
Network Security ManagerModern Security Management for today’s security landscape
- Advanced Threat Protection
Capture ATPMulti-engine advanced threat detection
Capture Security applianceAdvanced Threat Protection for modern threat landscape
- Access Security
Cloud Edge Secure AccessDeploy Zero-Trust Security in minutes
Secure Mobile AccessRemote, best-in-class, secure access
Wireless Access PointsEasy to manage, fast and secure Wi-FI
SwitchesHigh-speed network switching for business connectivity
- Email Security
Email SecurityProtect against today’s advanced email threats
- Cloud Security
Cloud App SecurityVisibility and security for Cloud Apps
Cloud Firewall (NSv)Next-generation firewall capabilities in the cloud
- Endpoint Security
Capture ClientStop advanced threats and rollback the damage caused by malware
Content Filtering ClientControl access to unwanted and unsecure web content
- Product Widgets
- Product Menu Right Image
- Network Security
- Solutions
- Solutions Widgets
- Solutions Image Widgets
- Solutions Widgets
- Partners
- Partner Widgets
- Partners Image Widgets
- Partner Widgets
- Support
- Support Widget
- Support Image Widgets
- Support Widget
- Products
- Network Security
- Next Generation FirewallNext-generation firewall for SMB, Enterprise, and Government
- Security ServicesComprehensive security for your network security solution
- Network Security ManagerModern Security Management for today’s security landscape
- Advanced Threat Protection
- Capture ATPMulti-engine advanced threat detection
- Capture Security applianceAdvanced Threat Protection for modern threat landscape
- Access Security
- Cloud Edge Secure AccessDeploy Zero-Trust Security in minutes
- Secure Mobile AccessRemote, best-in-class, secure access
- Wireless Access PointsEasy to manage, fast and secure Wi-FI
- SwitchesHigh-speed network switching for business connectivity
- Email Security
- Email SecurityProtect against today’s advanced email threats
- Cloud Security
- Cloud App SecurityVisibility and security for Cloud Apps
- Cloud Firewall (NSv)Next-generation firewall capabilities in the cloud
- Endpoint Security
- Capture ClientStop advanced threats and rollback the damage caused by malware
- Content Filtering ClientControl access to unwanted and unsecure web content
- Product Widgets
- Product Menu Right Image
- Network Security
- Solutions
- Solutions Widgets
- Solutions Image Widgets
- Solutions Widgets
- Partners
- Partner Widgets
- Partners Image Widgets
- Partner Widgets
- Support
- Support Widget
- Support Image Widgets
- Support Widget
How to import a signed certificate with private key into GMS/Analyzer for HTTPS login using OpenSSL?
03/26/2020 
1,171 People found this article helpful
34,094 Views
Description
How to create and import a signed certificate with private key into GMS/Analyzer (7.2 or later) for HTTPS login using OpenSSL.
Resolution
Feature/Application:
When a signed certificate along with its private key requires to be imported into the SonicWall GMS, the certificate can be in the Java Key Store format with .jks extension or a signed public certificate and private key file. Import is done under the Deployment > Settings page of System Interface (/appliance) of GMS/Analyzer. This article provides instructions for creating and importing a public certificate and private key file. The certificate file (.crt/.cer), its corresponding key file (.key) and the password are required.
Procedure:
Installing OpenSSL for Windows:
1: OpenSSL download page - OpenSSL Download
2: Download Win32 OpenSSL v? (latest version)
3: Launch OpenSSL .exe file
4: Open Command Prompt (DOS) as Administrator
5: Type at prompt: cd c:\openssl-win32\bin (If your folder is not in c:\openssl-win32 then change command appropriately)
6: Type at prompt: set OPENSSL_CONF=c:\openssl-win32\bin\openssl.cfg (if you don't run this line you will get the following error: Can't open C:\Program Files (x86)\Common Files\SSL/openssl.cnf for reading, No such file or directory
Creating CSR and private key using OpenSSL:
1: Use the following command to create CSR and private key file via command prompt:
Navigate to - [install location]:\OpenSSL-Win32\bin
openssl req -out CSR.csr -new -newkey rsa:2048 -nodes -keyout privateKey.key
2: Provide appropriate info for CSR generation (Common Name, Organization, etc)
3: Gather CSR and private key files from the OpenSSL-Win32\bin folder.
4: Submit the CSR to CA for re-key of your current certificate or request of new certificate.
Importing certificate into GMS
1: Gather the signed certificate from CA (Apache or Tomcat format).
2: Import certificate (provided from CA) and .key file created via OpenSSL from the System Interface under Deployment>Settings>SSL Access Configuration of System Interface (/appliance).
3: Reboot server.
Related Articles
- How to move a firewall from Zero Touch to Manual Mode
- How to configure firewalls to be managed by Global Management System (GMS)?
- How to download tech support reports from SonicWall GMS and SonicWall Analyzer
YES
NO