Please forgive me if this is a dumb question or if I am fundamentally confused, but I have pored over the manual, forum, and web. Very simply I need a trusted third party to sign my CSR and then for the SA520W to accept it as the active self certificate. In principle this is straightforward but I cannot figure out how to make this work in practice. Two examples.
1) GoDaddy: they require a 2048 bit signature and the router only generates 1024. I can generate my own CSR with OpenSSL but then am unable to upload my 2048 bit key to the router, and thus the signed certificate is not accepted
2) Verisign. They will take the router's 1024 bit signature, but they require lots of fields in the CSR, like country and state, that are not supported by the router's generate CSR function. Thus Verisign will not accept the CSR.
Is there any way to get the router to accept a CSR signed by GoDaddy? Or any CA?
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...