Cisco Cisco IronPort Encryption Appliance Information Guide
How do I generate a new certificate request on the
IEA device?
IEA device?
Document ID: 118515
Contributed by Cisco TAC Engineers.
Oct 10, 2014
Contents
Introduction
How do I generate a new certificate request on the IEA device?
How do I generate a new certificate request on the IEA device?
Introduction
This document describes how to generate a new certificate request on the IronPort Encryption Appliance
(IEA) device.
(IEA) device.
How do I generate a new certificate request on the IEA
device?
device?
For the IEA, to generate a new certificate request:
In the GUI: Keys and Certificates > SSL Setup > Get Certificate Request.
1.
The keystore field should be prefilled with:
[Install Directory]/conf/enterprise.keystore
Change enterprise to an appropriate name (ex. [Install Directory]/conf/company.keystore).
2.
Complete the fields as follows:
Host = hostname of appliance (ex: pso10.postx.com)
State = spell out the full name (ex: California)
Country = two letter code (US, not USA)
Validity Period (max is about 2000 days)
State = spell out the full name (ex: California)
Country = two letter code (US, not USA)
Validity Period (max is about 2000 days)
Note: Do not lose the password otherwise you will have to repeat this process after you receive the
new certificate.
new certificate.
3.
Click Generate Keys and Certificate Request.
This will produce certificate request text at the bottom of the screen.
4.
Copy the text produced and send it to the CA of choice.
Note: You want to select Apache/Tomcat as the webserver when purchasing the certificate.
5.
Updated: Oct 10, 2014
Document ID: 118515