Generate the Certificate Signing Request on Fabric IPsec Gateway VM

About this task

Use this procedure to generate a certificate signing request (CSR) and store it into a file. This CSR is required to obtain the offline subject certificate.

Procedure

  1. Enter Fabric IPsec Gateway Configuration mode:

    enable

    virtual-service WORD<1-128> console

    Note

    Note

    Type CTRL+Y to exit the console.

  2. Generate the CSR:

    certificate generate csr <subject-label>

  3. Configure where to send the CSR for signing:

    certificate send-csr-to <A.B.C.D> <user> <remote-path> <subject-label>

Variable Definitions

The following table defines parameters for the certificate generate csr command.

Variable

Value

<subject-label>

Specifies the subject identity.

The following table defines parameters for the certificate send-csr-to command.

Variable

Value

<A.B.C.D>

Specifies the IP address for the certificate authority.

<remote-path>

Specifies the file path on the certificate authority.

<subject-label>

Specifies the subject identity.

<user>

Specifies the username for the certificate authority.