Generating Private Keys for TLS Contexts
The device can generate the private key for a TLS Context. The private key can be generated for CSR or self-signed certificates. You can choose to generate the keys using the RSA or Elliptic Curve Digital Signature Algorithm (ECDSA) encryption algorithm.
|
➢
|
To generate a new private key for a TLS Context: |
|
2.
|
In the table, select the required TLS Context index row, and then click the Change Certificates link located below the table; the Change Certificates page appears. |
|
3.
|
Scroll down to the Generate New Private Key group: |
|
4.
|
From the 'Private Key Format' drop-down list, select the encryption algorithm for the private key: |
|
5.
|
From the 'Private Key Size' drop-down list, select the size of the private key (in bits): |
|
6.
|
(Optional) In the 'Private key pass-phrase' field, enter a password (passphrase) to encrypt the private key file. The default passphrase is "audc". The passphrase can be up to 32 characters. If you don't want to encrypt the file, leave the field blank. |
The passphrase cannot be configured with wide characters.
|
7.
|
Click Generate Private-Key; a message appears requesting you to confirm key generation. |
|
8.
|
Click OK to confirm key generation; the device generates a new private key, indicated by a message in the Certificate Signing Request group: |
|
9.
|
Continue with certificate configuration by creating a CSR or generating a new self-signed certificate. |
|
10.
|
Save configuration with a device reset for the new certificate to take effect. |