Searching...

Matching results

    Viewing and Creating Security Certificates

    All security certificates used on the router can be centrally managed. The router may require certificates for several functions, including:

    • HTTPS server access
    • VPN IPsec tunnels
    • Wi-Fi Client WPA2-Enterprise connection

    Each function will separately validate the certificate that it uses.

    Initializing Table Of Contents...

    Viewing a Security Certificate

    To view a security certificate, go to System > Security > Certificates.

    SETTING DESCRIPTION VALUES
    NAME User-defined name identifying the certificate N/A
    SUBJECT/DISTINGUISHED NAME The set of values that were entered during the enrollment and creation of the certificate N/A
    TYPE The type of certificate User, CA
    STATUS Status of the certificate Untrusted, Valid, Expired, Not yet valid, Wrong private key, Files missing or malformed, Invalid CA

    Creating a Security Certificate

    To create a security certificate:

    1. Go to System > Security > Certificates.
    2. Under the IMPORTED CERTIFICATES table, click CREATE PEM CERTIFICATES.

    The Create PEM Certificates window appears.

    Configure the following settings to create a security certificate.

    SETTING DESCRIPTION
    TYPE Select from Certificate or Root Certificate
    NAME Required name identifying the certificate
    CERTIFICATE Required for TYPE Certificate. Click to upload the certificate file
    PRIVATE KEY Required for TYPE Certificate. Click to upload the private key file
    CERTIFICATE BUNDLE/CHAIN Only shown for TYPE Certificate. This is currently not used by any functions on the router
    ROOT CERTIFICATE Required for TYPE Root Certificate. Optional for TYPE Certificate. Click to upload the root certificate file

    The following table describes which fields are required based on certificate usage.

    OPERATION CERTIFICATE PRIVATE KEY CERTIFICATE BUNDLE/CHAIN ROOT CERTIFICATE
    HTTPS Required Required N/A Ignored
    VPN IPSEC Required Required N/A Required
    Wi-Fi CLIENT WPA2-ENTERPRISE Required Required N/A Optional

    When configuring a Wi-Fi Client SSID to use WPA2-Enterprise mode, you can add certificates depending on the selected EAP method (TLS or PEAP) and the requirements of your remote RADIUS server.

    TOP