Netscaler 12 – Wild Card Certificate – CSR and Installation steps

This post will cover Wild card Certificate (*.domain.com) CSR generation , Certificate request from Microsoft CA and Certificate installation with chaining. This post will cover how to create CSR for *.sslab.com certificate.

Create RSA key file

First step to create CSR is to create key file which will be used for encryption and decryption. In another way of saying this is very critical to secure your data passing over SSL.

Traffic management – SSL – SSL Files – Select Keys – Create RSA Key.

Provide information as shown below.

  • KeyFileName: SSLAB_COM_Wildcard.key
  • Key size: 2048
  • Public Exponent value : F4
  • Key format: PEM
  • PEM algorithm: DES3
  • PEM Passphrase and confirm : password for key file <very important to remember>

Create Certificate request (CSR)

  • Request file Name: SSLAB_COM_wildcard.csr
  • Key file Name: SSLAB_COM_wildcard.key ( created in previous step)
  • Key format : PEM
  • PEM Passphrase: password given for key file in last step
  • Digest Method: SHA256
  • Common Name: *.sslab.com
  • Organization : SSLAB
  • Department: IT
  • Select state and country

Create

Select the CSR and download, open with text editor.

Generate Certificate form Microsoft CA or External CA

Open the CSR With text editor or notepad, copy the complete contents without any spaces in the last.

Send this information to external CA like godaddy or digicert. For microsoft certificate authority steps are below.

select request certificate

Select advanced.

Copy the CSR contents as shown below , select type WEB SERVER then submit.

Select Base 64 encoded and download certificate, rename this certificate to wildcard.cer or so

Install certificate and Chaining

To install certificate go to Traffic management – SSL – Certificate – Server certificate – Click Install

Provide a decent name for the certificate, this will be the name visible in GUI.

Choose the certificate file received from MS CA or external CA – Select the key file created in step 1 – provide password given in step 1 – Install

Download and install all ROOT and intermediate certificates. they should be installed under SSL – Certificates – CA certificates. Just installation is enough no key file or password is required as they are CA certificates not our server certificate.

Then select our wild card certificate and Click on link.

It should provide the ROOT CA or relevent intermediate certificate which is already installed – Click OK.

Now the wild card certificate is installed as shown below.

Hope this post is helpful.

Siva Sankar

Siva Sankar works as Solution Architect in Abu Dhabi with primary focus on SDDC, Automation,Network Virtualization, Digital Workspace, VDI, HCI and Virtualization products from VMWare, Citrix and Microsoft.

Leave a Reply

Your email address will not be published.

Show Buttons
Hide Buttons