Creating a Certificate Signing Request
To provide secure communications using SSL or TLS, a server certificate is required on NetScaler Gateway. Before you can upload a certificate to NetScaler Gateway, you need to generate a Certificate Signing Request (CSR) and private key. You use the Create Certificate Request included in the NetScaler Gateway wizard or the configuration utility to create the CSR. The Create Certificate Request creates a .csr file that is emailed to the Certificate Authority (CA) for signing and a private key that remains on the appliance. The CA signs the certificate and returns it to you at the email address you provided. When you receive the signed certificate, you can install it on NetScaler Gateway. When you receive the certificate back from the CA, you pair the certificate with the private key.
Important: When you use the NetScaler Gateway wizard to create the CSR, you must exit the wizard and wait for the CA to send you the signed certificate. When you receive the certificate, you can run the NetScaler Gateway wizard again to create the settings and install the certificate. For more information about the NetScaler Gateway wizard, see Configuring Settings by Using the NetScaler Gateway Wizard.
To create a CSR by using the NetScaler Gateway wizard
- In the configuration utility, click the Configuration tab and then in the navigation pane, click NetScaler Gateway.
- In the details pane, under Getting Started, click NetScaler Gateway wizard.
- Follow the directions in the wizard until you come to the Specify a server certificate page.
- Click Create a Certificate Signing Request and complete the fields. Note: The fully qualified domain name (FQDN) does not need to be the same as the NetScaler Gateway host name. The FQDN is used for user logon.
- Click Create to save the certificate on your computer and then click Close.
- Exit the NetScaler Gateway wizard without saving your settings.
To create a CSR by using the NetScaler GUI
You can also use the NetScaler GUI to create a CSR, without running the NetScaler Gateway wizard.
- Navigate to Traffic Management > SSL > SSL Files and select Create Certificate Signing Request (CSR).
- Complete the settings for the certificate and then click Create.
After you create the certificate and private key, email the certificate to the CA, such as Thawte or VeriSign.