beaconlightboy

OpenSSL | PKI | Watchguard

I need to generate a private key using OpenSSL for my WatchGuard Firebox, but what I don't understand is how does the box know what the private key is? It's being generated by an external program (OpenSSL).

Can someone explain to me how you tell the device what the private key is?

My SSL 100 box wants a server certificate and a client certificate. The older version of the box used to generate the CSR for you and it was much more straightforward.

Any help would be appreciated.
Paranormastic

For the SSL 100 using version 3.1 (which appears to be the current version) here are the instructions:
http://www.watchguard.com/help/docs/ssl/3/en-US/v3_1_WG_SSL_WebUI_UserGuide.pdf

See printed page 300, Adobe page 312 - it seems to walk you through the whole process.  Let me know what step you are getting hung up on if you are having issues with what they are presenting.
The server cert is for hosting the SSL session.  If you need to connect to another box where client certificate authentication is being used for some purpose then you would create a client cert as directed.
beaconlightboy

ASKER

Well, I read this, it is identical to the help file. Where I'm getting lost is how the box knows what the private key is. If you generate a private key, then submit it, you don't get the private key back in the request. So when you add the public key to the box, how does it know what its private key is?
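
The key, CSR and certificate relationship asked about above, as an added example that is not part of the original thread or of WatchGuard's documentation: the CSR and the issued certificate carry only the public key, so the private key file OpenSSL wrote never leaves the machine that generated it, and whichever system terminates TLS needs that file as well as the certificate. The file names, the subject name and the throwaway test CA are constructed for the illustration.

```shell
#!/bin/sh
# Added illustration. All names below are constructed placeholders.
set -eu
WORK="$(mktemp -d)"
trap 'rm -rf "$WORK"' EXIT

# SHA-256 fingerprint of the public key held in a private key, CSR or certificate.
key_pub_fp() { openssl pkey -in "$1" -pubout | openssl dgst -sha256 -r | cut -d' ' -f1; }
csr_pub_fp() { openssl req  -in "$1" -noout -pubkey | openssl dgst -sha256 -r | cut -d' ' -f1; }
crt_pub_fp() { openssl x509 -in "$1" -noout -pubkey | openssl dgst -sha256 -r | cut -d' ' -f1; }

# True only when the certificate was issued for this private key.
pair_matches() { [ "$(key_pub_fp "$1")" = "$(crt_pub_fp "$2")" ]; }

# 1. Generate the server private key locally. This file is the secret.
openssl genrsa -out "$WORK/server.key" 2048 2>/dev/null
chmod 600 "$WORK/server.key"

# 2. Build the CSR. It is signed with the key but embeds only the public half.
openssl req -new -key "$WORK/server.key" -subj "/CN=vpn.example.test" \
    -out "$WORK/server.csr"

# 3. Constructed stand-in for the CA: it sees the CSR, never server.key.
openssl req -x509 -newkey rsa:2048 -nodes -keyout "$WORK/ca.key" \
    -subj "/CN=Constructed Test CA" -days 30 -out "$WORK/ca.crt" 2>/dev/null
openssl x509 -req -in "$WORK/server.csr" -CA "$WORK/ca.crt" -CAkey "$WORK/ca.key" \
    -CAcreateserial -days 30 -out "$WORK/server.crt" 2>/dev/null

# 4. An unrelated key, to show what a mismatched pair looks like.
openssl genrsa -out "$WORK/other.key" 2048 2>/dev/null

echo "key : $(key_pub_fp "$WORK/server.key")"
echo "csr : $(csr_pub_fp "$WORK/server.csr")"
echo "cert: $(crt_pub_fp "$WORK/server.crt")"
if pair_matches "$WORK/server.key" "$WORK/server.crt"; then
    echo "server.key matches server.crt: load both on the TLS endpoint"
fi
if ! pair_matches "$WORK/other.key" "$WORK/server.crt"; then
    echo "other.key does not match server.crt: this pair would be rejected"
fi
```

Running the fingerprint check before uploading a certificate and key catches the common mistake of pairing a returned certificate with a key from a different CSR.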
ASKER CERTIFIED SOLUTION
Paranormastic