How to Install SSL Certificate on Watchguard SSL100

This article explains how to install an SSL certificate on a Watchguard SSL100. I have purchased the certificate from godaddy.

If you found this article useful please click on my referral link before ordering your SSL certificate – cheers! http://www.godaddy.com/itbook

 

Step1 – Download and Install OpenSSL

NB – The SSL100 requires the certificate to be PEM formatted with a separate private key.

I recommend using openssl to generate the certificate signing request (CSR). You can download this from www.openssl.org

I recommend downloading the version shown below.

Once downloaded please install this. If prompted to install any dependencies (e.g. Microsoft Visual C++ 2008 Redistributable Package) then please do so before installing openssl.

Step2 – Use OpenSSL to generate CSR

Open an elevated command prompt and change to the openssl-win32 directory (i.e. enter the commend cd \openssl-win32\bin). Then enter the below.

openssl genrsa -out wgnet.key 2048

openssl req -new -key wgnet.key -out wgnet.csr

Lastly you need to convert the private key into PKCS#8 format. Enter the command

openssl pkcs8 -topk8 -in wgnet.key -out wgnet.pk8

You have now generated 3 files – wgnet.csr, wgnet.key and wgnet.pk8

Â

Step3 – Use CSR to generate SSL certificate

In this example I am buying the certificate from godaddy (http://www.godaddy.com). I chose godaddy as their certificates are easy to rekey incase of any errors or lost certificates. They are also cheap.

If you found this article useful please click on my referral link before ordering your SSL certificate – cheers! http://www.godaddy.com/itbook

You require a standard SSL certificate.

Once purchased go to manage your certificates and setup the certificate you have just bought.

Open the wgnet.csr file in notepad.

Copy the contents into the CSR window as shown below.

Follow the wizard through. You will need to run through domain validation before the certificate is issued.

Step 4 – Install Certificate

Once you have completed domain authentication you will get an email from godaddy with a link to download the certificate. Note below I have chosen the certificate type “other”.

Log onto the Watchguard SSL and go to manage system – certificates.

Click on add server certificate

Select the certificate you downloaded from godaddy and the key file you created in step 2. Use the password also created in step 2.

Then to make the certificate live go to “administration service” and select the server certificate you just added – as shown below.

Select “save” and then “publish”.

Then go to “device settings”. Select the new certificate here also. Note this will cause the device to reboot as shown below.

Once the device is back up select publish to make your changes live. You can then test this externally.

Again, if you found this article useful please click on my referral link before ordering your SSL certificate – cheers! http://www.godaddy.com/itbook

THE END

Leave a Reply

Your email address will not be published. Required fields are marked *