Creating a Certificate Signing Request
1. In the Embedded Web Server, click Properties > Security.
2. Click Certificates > Security Certificates.
3. Click the CA-Signed Device Certificate(s) tab.
4. Select Create Certificate Signing Request (CSR).
5. Complete the fields for 2 Letter Country Code, State/Province Name, Locality Name, Organization Name, Organization Unit, Common Name, and E-mail Address.
6. For MS Universal Principal Name, type a user name as needed.
Note:The MS Universal Principal Name is required when using 802.1X EAP-TLS for Windows clients or servers.
7. Enter an optional Challenge Password for cases where you are using a Certificate Authority (CA) that supports enforcing of a Challenge Password during the CSR process.
8. For Key Algorithm, select an option.
9. In the Subject Alternative Name area, select values to include in the security certificate attributes:
• Distinguished Name
• IPv4 Address
• IPv6 Address(es)
• Fully Qualified Domain Name
• Multicast DNS Name
• Microsoft Universal Principle Name
Note:
• By default, all Subject Alternative Name (SAN) attributes are included.
• If no SAN attributes are selected, the SAN extension is not included in the generated certificate.
10. To generate the new CSR, click Finish.