Use a Unique Self-Signed Certificate on the Router

Vigor Router allows the administrator to create and sign a custom certificate for SSL VPN and HTTPS connections. Due to security concerns, it is strongly recommended to have a unique private key on each device for self-signed SSL. This article shows how to generate a customized self-signed certificate then replace the default one on Vigor Router

Create Root CA
  1. Make sure the router's time settings are correct. We strongly recommend using the time settings that match the client side.
  2. Go to Certificate Management >> Trusted CA Certificate, and click Create Root CA.
  3. Enter the identity of your organization in the subjects of Root CA, like the example below, and click Generate.
  4. The Root CA will be shown with status "OK". (NOTE: A router can only have one Root CA. To create a new Root CA, you’ll have to delete the old one first.)
Sign a Local Certificate with Root CA
  1. Go to Certificate Management >> Local Certificate, and generate a certificate request.
  2. Again, enter the identity of your organization for subjects, and click Generate.
  3. There will be a new local certificate request on the list with status Requesting. Click Sign to sign the local certificate.
  4. Set the date of Validity, and click Sign.
  5. The local certificate status will change to "OK".
Replace the Default Certificate
  1. Go to SSL >> General Setup, and select the new certificate created in step 6 for Server Certificate.
  2. From the browser, we should see the certificate has changed to the one we set. Now the router is using a customized self-signed certificate.

Published On:2015-12-07 

Was this helpful?     

Related Articles