Securing 2X ApplicationServer XG Gateway with Automatic Certificate Signing Request (CSR)
Choosing the right SSL certificate is easy with 2X ApplicationServer XG v10.5
One problem an administrator may face when securing 2X ApplicationServer XG Gateway(s) is what type of SSL certificate he needs to buy. There are various Certificate Authorities (CAs) available which sell different types of SSL certificates, so you could end up buying the wrong certificate. The certificate may also come in different formats and it might be difficult to convert the certificate to the format 2X ApplicationServer XG requires.
To ease this process 2X ApplicationServer XG v10.5 will have an inbuilt Certificate Signing Request (CSR) process which generates the information the administrator needs to provide to the CA so that the correct certificate is delivered.
First you need to enable SSL in the 2X Secure Client Gateway Properties window and press the button “Generate Certificate Request…”
Then you need to fill in the Certificate information which includes the company information and certificate key size. It is important that the Common name field is filled with the Full Qualified Domain Name of the machine where the certificate is going to be used.
Once you press the “Save” button, the Certificate Request data is generated and you can send this to your CA so that the correct certificate is returned. Please note that the private key does not leave the machine you are generating the request on.
The request remains pending until you receive the actual certificate which you can import into the system by pressing the “Import Public Key…” The request can be cancelled and recreated at any time.
What happens when I click “Generate new certificate”, we have an expired one. Will I be able to finish the request cycle via that console? What will that do to my existing connections?
Hi Rick,
Thank you for your post!
“Generate new certificate” only means you generate a self signed certificate, not really much to do with the Certificate Signing Request(CSR). 2X Application Server XG offers the possibility to automatically create Certificate Signing Requests (CSR). This helps the Administrators to purchase the correct SSL certificate by
providing the correct information.
1. To generate “Certificate Signing Requests” first you need to enable SSL in the 2X
Secure Client Gateway Properties from the SSL/TLS Configuration
2. Press the button “Generate certificate request…”
3. Select the Key size for the certificate request
4. Insert the information required into the text boxes
5. After inserting all the necessary information, click „Save‟ and note that the Certificate
Request is generated
As for importing the Public key, please have a look at the pdf version of our manual, page 89:
http://www.2x.com/docs/en/manuals/pdf/2XApplicationServer.pdf
or drop us an email at Support@2x.com and we will be more than happy to assist!
Thanks!
Gino