1. Choose Security > Certificates.

  2. Configure settings using the information in the following table as a guide.

    Certificates Configuration Parameters

    ItemDescription

    Certificates

    Lists certificates and certificate keys currently on the system available for download. If there is no key available for a given certificate, the key download cell will be empty. Refer to Download a Certificate or key File.

    Create a Certificate

    Creates a new certificate to add to your certificate store.

    Certificate NameEnter the certificate name. This name is used for certificate management only and is displayed in the Certificate list.
    Certificate Type

    Choose the certificate type from the drop-down list:

    SSL

    CA Certificate

    VoIP Traversal Server

    VoIP Traversal Client

    Key Size

    Choose the key size from the drop-down list:

    1024

    2048

    Certificate Authority

    Choose a certificate authority type from the drop-down list:

    Self-signed

    CSR

    Country NameEnter the two-letter code of the country where the certificate is to be used. For example, “US.”

    State or Province (full name)

    Enter the full name of the state or province where the certificate is to be used. For example, “California.”

    Locality NameEnter the name of the city where the certificate is to be used.
    Organization

    Enter the company name. For example, “Ribbon Communications.”

    Organization Unit

    Enter the company department.

    Common Name

    Enter the FQDN assigned to the WAN IP of the system, or the DNS A record name.

    When creating a CSR to obtain a signed VeriSign or Go-Daddy certificate, this name must be the FQDN of the system. Security scanners pick up the public certificate and do a reverse lookup to make sure the CN: field has a DNS that matches the IP of this system. If it does not, the security scanner will fail this portion of the scan.

    EmailEnter the email to contact regarding the certificate.

    Password

    (Optional) Enter a password for HTTPS certificates only or optionally used to secure the key. If a password was used when generating the key, the same password must be specified here.

    Password Verify

    Verify your password.

  3. Click Create Certificate to make your changes take effect.

    The system displays the following message: WARNING: Creating a certificate may require a lot of CPU resources and should not be done while the system is in service.

  4. Click OK. The new certificate is added to the Certificates list.