Generate a CSR for Checkpoint VPN
Import the certification chain
To request a certificate with Checkpoint, you need to create the entire certification chain first.All the certificates of the chain must be imported as 'TRUSTED' before the CSR generation. Select the root and intermediate certificates corresponding of your certificate here: Authorities certificates. If you have any doubt, contact us to know which element to import for the product you want to purchase.
For each element, and with the root first, follow these instructions:
Add a Authority certificate in your Checkpoint
- Go to Manage - Servers then OPSEC Applications
- Create a new entry New Certificate Authority > Trusted (OPSEC PKI)
- Name it after the file to import. On the page OPSEC PKI, select HTTP Servers. Click Get and select the file you want to import.
Generate your CSR
- Click Add to add a new certificate in the Certificate List by using the signer certificate (= the first intermediate certificate) that you previously imported
- Click generate to create a Certificate Signing Request (CSR)
- Tick the box Define Alternate Names and select a FQDN in the list
- Click Add [FQDN]. Enter the alias of your FQDN
- Click View and copy the text to paste it in the certificate's order form
Last edited on 08/13/2014 13:36:24 --- [search]