DrayTek UK Users' Community Forum
Help, Advice and Solutions from DrayTek Users
2860n SSL Certificate Install
- kenwardc
- Topic Author
- Offline
- New Member
Less
More
- Posts: 3
- Thank you received: 0
23 Nov 2016 15:25 #87374
by kenwardc
2860n SSL Certificate Install was created by kenwardc
Hi Folks
Been selling and using Vigor routers for so many years I lost count but have never installed a COMODO or other trusted certificate for https access to the router. Please be gentle!
Firstly, I assume it's the "Trusted CA Certificate" menu option I need? From what I've read, the "Local Certificate" option is for self-signed certs.
I went through the process of creating the certificate for Root CA but all it's done is create a PEM SSL certificate and not a signing request that I can take along to COMODO to purchase my SSL certificate. What gives?? Have I don't the wrong thing?
If anyone on the forum has done this, please help - I don't have much hair to pull out!
Thanks in anticipation
Chris
Been selling and using Vigor routers for so many years I lost count but have never installed a COMODO or other trusted certificate for https access to the router. Please be gentle!
Firstly, I assume it's the "Trusted CA Certificate" menu option I need? From what I've read, the "Local Certificate" option is for self-signed certs.
I went through the process of creating the certificate for Root CA but all it's done is create a PEM SSL certificate and not a signing request that I can take along to COMODO to purchase my SSL certificate. What gives?? Have I don't the wrong thing?
If anyone on the forum has done this, please help - I don't have much hair to pull out!
Thanks in anticipation
Chris
Please Log in or Create an account to join the conversation.
- admin3
- Offline
- Site Admin
Less
More
- Posts: 604
- Thank you received: 0
23 Nov 2016 15:59 #87376
by admin3
Forum Administrator
Replied by admin3 on topic Re: 2860n SSL Certificate Install
Please have a read of this guide, it should clear up how the certificate signing request (CSR) process works for you:
http://www.draytek.co.uk/support/guides/kb-local-certificate-management
Forum Administrator
Please Log in or Create an account to join the conversation.
- kenwardc
- Topic Author
- Offline
- New Member
Less
More
- Posts: 3
- Thank you received: 0
23 Nov 2016 16:09 #87377
by kenwardc
I have this guide and followed it but the request now appears to be "frozen" in "Requesting" mode and there is nothing I can do with it. I cannot delete it, refresh it or even add another one. Completely non-responsive.
Cheers
Chris
Replied by kenwardc on topic Re: 2860n SSL Certificate Install
Please have a read of this guide, it should clear up how the certificate signing request (CSR) process works for you
I have this guide and followed it but the request now appears to be "frozen" in "Requesting" mode and there is nothing I can do with it. I cannot delete it, refresh it or even add another one. Completely non-responsive.
Cheers
Chris
Please Log in or Create an account to join the conversation.
- kenwardc
- Topic Author
- Offline
- New Member
Less
More
- Posts: 3
- Thank you received: 0
23 Nov 2016 16:13 #87378
by kenwardc
Replied by kenwardc on topic Re: 2860n SSL Certificate Install
I am guessing that what this means is that the:
X509 Local Certificate Configuration
is for installing a proper, COMODO or other genuine certificate and
X509 Trusted CA Certificate Configuration
is for self-signed certificate installation
So the "Trusted CA Certificate Configuration" is empty and the "Local Certificate Configuration" is now not working... I cannot reset the router to factory settings because it's on a live site. Any help would be greatly appreciated.
Cheers
Chris
X509 Local Certificate Configuration
is for installing a proper, COMODO or other genuine certificate and
X509 Trusted CA Certificate Configuration
is for self-signed certificate installation
So the "Trusted CA Certificate Configuration" is empty and the "Local Certificate Configuration" is now not working... I cannot reset the router to factory settings because it's on a live site. Any help would be greatly appreciated.
Cheers
Chris
Please Log in or Create an account to join the conversation.
- aweaton
- Offline
- Junior Member
Less
More
- Posts: 76
- Thank you received: 0
01 Dec 2016 12:06 #87415
by aweaton
Replied by aweaton on topic Re: 2860n SSL Certificate Install
It's fiddly but I have done it with a free Let's Encrypt SSL certficate. The process is:
1) Obtain a SSL certificate with a 2048 bit rsa key size. The Draytek does not support 4096 bit rsa keys. Let's encrypt provides 3 files; cert.pem (this can be renamed to something more meaningful), chain.pem and privkey.pem key files.
2) Certificate Management >> Local Certificate click Import.
3) Certificate file: choose cert.pem (or whatever you have renamed the file to)
4) Key file: choose privkey.pem
5) Certificate Management >> Trusted CA Certificate. Click Import.
6) Click "Choose file". Choose chain.pem. Click Import
7) Apply and reboot router
8] SSL VPN >> General Setup
9) Choose “cert” or whatever you’ve renamed the file.
10) Apply and reboot router.
11) Close your browser tab and the connect to the router.
Hope this helps.
1) Obtain a SSL certificate with a 2048 bit rsa key size. The Draytek does not support 4096 bit rsa keys. Let's encrypt provides 3 files; cert.pem (this can be renamed to something more meaningful), chain.pem and privkey.pem key files.
2) Certificate Management >> Local Certificate click Import.
3) Certificate file: choose cert.pem (or whatever you have renamed the file to)
4) Key file: choose privkey.pem
5) Certificate Management >> Trusted CA Certificate. Click Import.
6) Click "Choose file". Choose chain.pem. Click Import
7) Apply and reboot router
8] SSL VPN >> General Setup
9) Choose “cert” or whatever you’ve renamed the file.
10) Apply and reboot router.
11) Close your browser tab and the connect to the router.
Hope this helps.
Please Log in or Create an account to join the conversation.
Moderators: Chris, Sami
Copyright © 2024 DrayTek