Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Migrating certificates: If you currently have a self-signed certificate and you create a new root trusted certificate with the same name or wild card, all of your currently enrolled devices will be fine. But if you change the DNS name at all then devices currently enrolled will lose connection. 
Migration Examples:

CaseCurrent CertificateNew CertificateResult
Any certificate to any certificate (changing name)Self-signed cert = filewave.initrode.usRoot trusted cert = fw.initrode.usCHANGING THE FQDN WILL REQUIRE DEVICES TO BE ENROLLED AGAIN
Self-signed to root trusted (keeping same name)Self-signed cert = filewave.initrode.usRoot trusted cert = filewave.initrode.usThis will NOT require devices to be enrolled again
Self-signed to wildcardSelf-signed cert = filewave.initrode.usWild Card cert = *.initrode.usThis will NOT require devices to be enrolled again
Root trusted to root trustedRoot trusted cert = filewave.initrode.usRoot trusted cert = filewave.initrode.usThis will NOT require devices to be enrolled again


Globally Signed Certificates

...

  1. Open a command line:
    Linux/macOS: Terminal
    Windows: Command Prompt (Be sure to run command prompt as administrator by right-click > run as administrator)
  2. Type the following command (Don't forget to change fw.initrode.us to your DNS name):

    Code Block
    languagebash
    titlemacOS
    sudo openssl req -new -newkey rsa:2048 -nodes -keyout /certificates/fw.initrode.us.key -out /certificates/fw.initrode.us.csr


    Code Block
    languagepowershell
    titleWindows
    C:\OpenSSL-Win64\bin\openssl.exe req -new -newkey rsa:2048 -nodes -keyout C:\certificates\fw.initrode.us.key -out C:\certificates\fw.initrode.us.csr


  3. You will then go through a few questions below:
    Country Name (2 letter code)
    State or Province Name
    Locality Name (eg, city)
    Organization Name (eg, company)
    Organizational Unit Name (eg, section)
    Common Name (e.g. server FQDN or YOUR name)
    Email Address
    A challenge password
    An optional company name
    	

    for common name enter your server name (e.g. fw.initrode.us)
    Do not enter a password

      You should now see a .CSR and .KEY file in the Certificates folder

...