This article explains how to install an SSL certificate on a Watchguard SSL100. I have purchased the certificate from godaddy.
If you found this article useful please click on my referral link before ordering your SSL certificate – cheers! http://www.godaddy.com/itbook
Step1 – Download and Install OpenSSL
NB – The SSL100 requires the certificate to be PEM formatted with a separate private key.
I recommend using openssl to generate the certificate signing request (CSR). You can download this from www.openssl.org
I recommend downloading the version shown below.
Once downloaded please install this. If prompted to install any dependencies (e.g. Microsoft Visual C++ 2008 Redistributable Package) then please do so before installing openssl.
Step2 – Use OpenSSL to generate CSR
Open an elevated command prompt and change to the openssl-win32 directory (i.e. enter the commend cd \openssl-win32\bin). Then enter the below.
openssl genrsa -out wgnet.key 2048
openssl req -new -key wgnet.key -out wgnet.csr
Lastly you need to convert the private key into PKCS#8 format. Enter the command
openssl pkcs8 -topk8 -in wgnet.key -out wgnet.pk8
You have now generated 3 files â€“ wgnet.csr, wgnet.key and wgnet.pk8
Step3 – Use CSR to generate SSL certificate
In this example I am buying the certificate from godaddy (http://www.godaddy.com). I chose godaddy as their certificates are easy to rekey incase of any errors or lost certificates. They are also cheap.
If you found this article useful please click on my referral link before ordering your SSL certificate â€“ cheers! http://www.godaddy.com/itbook
You require a standard SSL certificate.
Once purchased go to manage your certificates and setup the certificate you have just bought.
Open the wgnet.csr file in notepad.
Copy the contents into the CSR window as shown below.
Follow the wizard through. You will need to run through domain validation before the certificate is issued.
Step 4 – Install Certificate
Once you have completed domain authentication you will get an email from godaddy with a link to download the certificate. Note below I have chosen the certificate type “other”.
Log onto the Watchguard SSL and go to manage system – certificates.
Click on add server certificate
Select the certificate you downloaded from godaddy and the key file you created in step 2. Use the password also created in step 2.
Then to make the certificate live go to “administration service” and select the server certificate you just added – as shown below.
Select “save” and then “publish”.
Then go to “device settings”. Select the new certificate here also. Note this will cause the device to reboot as shown below.
Once the device is back up select publish to make your changes live. You can then test this externally.
Again, if you found this article useful please click on my referral link before ordering your SSL certificate – cheers! http://www.godaddy.com/itbook