Generate self-signed certificate

  1. Go to Certificates > Certificates and click Add.
  2. Set Action to Generate self-signed certificate.
  3. Certificate details
    1. Enter the Certificate name.
    2. Specify the certificate’s validity period.
      Default: 1 day
    3. Select the number of bits used to construct the key from the list.
      Note Larger keys offer greater security, but take longer to encrypt and decrypt data.

      Default: 2048

    4. Select to encrypt the key. Enter a passphrase or the pre-shared key and re-confirm
    5. Specify the certificate ID for one of the following options:
      • DNS
      • IP address (IPv4/IPv6 address)
      • Email
      • DER ASN1 DN (X.509)
  4. Identification attributes
    1. Select the country in which the device is deployed.
    2. Enter the state within the country.
    3. Enter the locality in which the certificate is to be used.
    4. Enter the name of the certificate owner (example: Sophos Group).
    5. Enter the name of the department to which the certificate is to be assigned (example: marketing).
    6. Enter the common name or FQDN (example: marketing.sophos.com).
    7. Enter the contact person’s email address.
  5. Click Save to generate self-signed certificate.