IMPORTING CERTIFICATES IN RADWARE APPDIRECTOR
It is critical for the security of your application (and your business) that data communicated over the internet is encrypted using certificates. Certificates are required for every public application that transmits data over the internet. While it is possible to host the certificate on your web server, which is entirely legal, it consumes additional CPU cycles to encrypt and decode traffic and creates an administrative headache when numerous servers are used in a farm. This burden is removed from your servers when you allow the AppDirector to offload SSL. It also provides the administrator with a single point of control to manage all web certificate requests. To produce a new certificate, generate a CSR, or import an existing certificate, follow the steps outlined in the following examples:
Table of contents for Security –> Certificates
1. Name – This field should be a pleasant name for your certificate – you can call it whatever you like as long as it is indicative of what it is intended to be used for.
2. Key Size: Select your preferred key size: 2048.
3. Common Name: The name of your application should be the same as the URL of your application (ie. www.mywebsite.com)
4. Entry Type: Select Signing Request if you want to generate a certificate signing request (CSR) to upload to a public or private CA.
5. Key Passphase: To keep the private key safe, choose a complex password that only you know. Hint: If you need to export the private key in the future, you’ll need this password. You’ll also need it to export a CSR.
Sixth, fill out the important information needed in the other fields that are relevant to your company’s operations.
Click “Set” when you are through filling out all of the fields. This will generate your CSR, which you will then export by following the steps outlined below:
Certificates –> Export –> Security –> Export (If you are on the Certificate Table page, you can also select the yellow “Export PKI components” button.)
1. Signing Request Name: Select a name for the signing request (the name you used in step 1 above)
2. Change to Signing Request is the type of request.
3. Passphrase: The password entered in step 5 above that is used to protect the private key.
Alternatively, you can choose Show to display the CSR in the text field, or Export to download the CSR as a text file. This will be the file or text that you will use to submit a certificate request to a public certificate authority (CA).
The AppDirector will require you to import the certificate you received back from the CA once it has been returned to you. To accomplish this, follow the steps outlined below:
Certificates –> Import –> Security –> Certificates –>
Use the exact same name (case sensitive) that you used in Step 1 above for this section. This must be the same, or else an error will be generated.
2. Type: Select Certificate from the drop-down menu.
3: Passphrase: Leave it blank – Passphrases are used to safeguard the private key, not the actual certificate itself.
4) Text: You may either copy and paste the certificate information into this field or click Browse to upload a file.
*Click on the Import button. As a result, you should be able to view your newly created certificate in the certificate table at this point.