< Knowledge Base

Use a Unique Self-Signed Certificate on the Router

Published On: Dec 07, 2015 

Due to security concerns, it is strongly recommended to have a unique private key on each device for self-signed SSL. This article shows how to generate a unique self-signed certificate then replace the default one on Vigor Router.

Create Root CA

1. Make sure the router's time settings are correct. We strongly recommend using the time settings that match the client side.

2. Go to Certificate Management >> Trusted CA Certificate, and click Create Root CA.

3. Enter the subjects of Root CA, and click Generate.

4. The RootCA will be shown with status "OK". (Note: A router can only have one Root CA. To create a new Root CA, you’ll have to delete the old one first.)

Sign a Local Certificate with Root CA

5. Go to Certificate Management >> Local Certificate, and generate a certificate request.

6. Enter the subjects for the local certificate, and click Generate.

7. There will be a new local certificate request on the list with status Requesting. Click Sign to sign the local certificate.

8. Set the date of Validity, and click Sign.

9. The local certificate status will change to “OK”.

Replace the Default Certificate

10. Go to SSL >> General Setup, and select the new certificate created in step 6 for Server Certificate.

11. From the browser, we should see the certificate has changed to the one we set. Now the router is using a unique self-signed certificate.

Was this helpful?     

Related Articles