In the browser-based management tool, click Home > Certificate Maintenance > Create.
Type an appropriate name for the certificate, as explained in Naming Certificates.
Type an appropriate subject name, as explained in Naming Certificates.
Click the Signature Algorithm drop-down list > select the algorithm you want to use (SHA-1 or MD-5).
Click the RSA Key Size drop-down list > select the RSA key size that you want to use.
You cannot select a key size larger than the maximum key size on the Appliance.
Click Use External Certificate Authority.
If you are requesting a VeriSign certificate, check the VeriSign CA checkbox. Otherwise, leave the box unchecked.
If desired, type a name for your organization or division.
This is commonly referred to as the Organizational Unit and is used to differentiate organizational divisions or to describe departments or divisions.
Type the city or town where your organization does business.
This is commonly referred to as the Locality.
Type the unabbreviated name of the state or province where the organization does business.
This is commonly referred to as the State.
Type the ISO country code for the country where the organization does business.
This is commonly referred to as the Country and must be a valid, two-character ISO country code.
Click OK.
Look at the Action and Status fields.
The Action field should have red arrows on the left and the word Request displayed on a green background. The Status should be Building.
The red arrows and green background indicate that you need to click Apply.
Click Apply.
If any errors occur during the certificate creation process, they are displayed in the Error field on a red background.
If an error occurs, click Modify.
In the Modify Certificate dialog box, make the changes necessary to resolve the errors > click OK.
Click Apply and repeat the modification process until the Status field displays the words CSR in Progress on a yellow background.
To open a new browser window that displays the CSR contents, click View CSR.
Select and copy the complete CSR text into your computer's clipboard. Internet Explorer and other browsers sometimes combine them with the CSR text that is in between. Clicking the browser refresh/reload button will often fix the problem. If it doesn't, simply insert appropriate carriage returns during the next step. After you have copied the text, you can close that browser window.
Paste the CSR text from the clipboard to the e-mail message or HTML form as required by your CA.
The method for sending the CSR will vary, depending on the authority. VeriSign, for example, uses a web page interface.
IMPORTANT: The header and trailer must be on lines separate from the body of the CSR.
The header line will be similar to the following:
----- BEGIN NEW CERTIFICATE REQUEST-----
The trailer line will be similar to the following:
-----END NEW CERTIFICATE REQUEST-----
If required, you must use hard returns to separate these two lines from the body of the CSR.
Wait for the certificate to be returned from the external CA.
After the external CA responds with the certificate, do the following:
In the browser-based tool, click Home > Certificate Maintenance > the name of the certificate you want to store > Store Certificate.
In the Store Certificates dialog box, paste the CA certificate in the CA Certificate Contents box.
NOTE: If you requested a VeriSign certificate and you checked the VeriSign box in Step 7, the CA Certificate Contents box is grayed out. You will not need to paste the VeriSign CA certificate because VeriSign certificates are already stored on the appliance.
Paste your newly issued certificate in the Server Certificate Contents box.
Click Create.
Look at the Action and Status fields.
The Action field should have red arrows on the left and the word Create displayed on a green background. The Status should be CSR in Process.
The red arrows and green background indicate that you need to click Apply.
Click Apply.
If any errors occur during the certificate creation process, they are displayed in the Error field on a red background.
If an error occurs, click Store Certificate.
In the Store Certificate dialog box, make sure the correct certificates are pasted in the boxes > click OK.
Click Apply and repeat the modification process until the Status field displays the words Active on a green background.