Overview
Certificate Signing Requests (CSR) can be generated from the Exinda command line using the following command:web https customssl generate csr country ? state ? location ? organization ? hostname ? (replace the question marks with relevant data)
If receive the error % Internal error, code 1003 (see logs for details) comes up when trying to generate the CSR:
1. It is likely due to the device not having a private key generated. A private key can be generated with the following command:
web https customssl generate privatekey
To view the CSR which was just generated, use the following command:
show web https customssl csr
2. The country option takes 2 characters. For Example, Canada would be CA.
Note, that while any number of CSRs can be generated on the device, only one can be applied to the web UI main page at a time. Furthermore, these CSRs do not generate any Subject Alternate Names (SAN) when they are created; it is only the hostname provided during the request. To create a CSR with SAN and with increased level of security, it is possible to be generated from any device that has the capability of creating CSR (ie, a Windows based CA, or any machine with OpenSSL) with those parameters, and it can be imported into the Exinda (along with the private key) through the command "web https customssl certificate" command.