Generating Private Keys for TLS Contexts

You can configure the device to generate private keys for TLS Contexts. You can generate the private keys for certificate signing requests (CSR) or self-signed certificates. You can choose to generate the keys in different formats - RSA or Elliptic Curve Digital Signature Algorithm (ECDSA) encryption algorithm.

To generate private keys for TLS Contexts:
1. Open the TLS Contexts table (see Configuring TLS Certificate Contexts).
2. Select the required TLS Context index row, and then click the Change Certificates link located below the table; the Change Certificates page appears.
3. Scroll down to the Generate New Private Key group:

4. From the 'Private Key Format' drop-down list, select the encryption algorithm for the private key:
RSA
ECDSA
5. From the 'Private Key Size' drop-down list, select the size of the private key (in bits):
RSA:
2048 (default)
3072
4096
ECDSA:
256
384
521
6. Click Generate Private Key; the following confirmation message appears:

7. Click Yes to confirm key generation; the device starts generating a new private key (may take a few minutes):

When the key is successfully generated, the following message appears (e.g., for 2048-bit key):

8. Click OK to close the message box.
9. Continue with certificate configuration by creating a CSR or generating a new self-signed certificate.
10. On the toolbar, click the Save button to save your configuration to flash memory.