Summary
You may want a trusted certificate authority to sign a CSR if you want to secure SSL access to an Exinda appliance remotely.
Overview
The current Generate/view a Certificate Signing Request (CSR) from Exinda command line is still a valid function of ExOS. However, because of the 1024-bit limitation of the CSR output through the Exinda CLI, when submit to the trusted certificate authority (CA) the signing request will be denied.
Cause
The reason for this is because as of January 1, 2014, the Certificate Authority/Browser Forum (CA/B) and the National Institute of Standards (NIST) set a new global standard for a much more secure, more tamper resistant 2048-bit certificate and phased out all existing 1024-bit certificates due to growing security concerns. RSA-576, -640, -704, & -768 were also phased out as they were no longer safe to use for TLS/SSL (they were all exploitable).
Resolution
It is possible to use a third party CA or a tool such as Certificate Signing Request Generator to generate a 2048 Bit CSR for the Exinda's hostname, and import the certificate and the corresponding private key to the Exinda. The information on how to do this can be found here: User needs to load their own SSL Certificate/PrivateKey to the Exinda for HTTPS access
Additional Information
Because of this newer standard, currently the process listed above will not help anyone who tries to get an Exinda generated CSR signed by a trusted CA. A feature request has already been submitted in order to get 2048-bit certificates, but has not yet been implemented.