Generating keys and certificates

Technical Library | Support

Go to the table of contents

Go to the previous page

Go to the next page

View or print as PDF

User Identification > Configuring user identification methods > Secure manual authentication > Generating keys and certificates

Generating keys and certificates

Web Security Help | Web Security Solutions | Version 7.8.x

Related topics:

Manual authentication

Setting authentication rules for specific machines

Secure manual authentication

Activating secure manual authentication

Accepting the certificate within the client browser

A certificate consists of a public key, used to encrypt data, and a private key, used to decipher data. Certificates are issued by a Certificate Authority (CA). You can generate a certificate from an internal certificate server, or obtain a client certificate from any third-party CA, such as VeriSign.

The CA issuing the client certificate must be trusted by Websense software. Typically, this is determined by a browser setting.

For answers to common questions about private keys, CSRs, and certificates, see httpd.apache.org/docs/2.2/ssl/ssl_faq.html#aboutcerts.

To learn more about generating your own private key, CSR, and certificate, see www.akadia.com/services/ssh_test_certificate.html.

There are many tools that you can use to generate a self-signed certificate, including the OpenSSL toolkit (available from openssl.org).

Regardless of the method you choose for generating the certificate, use the following general steps.

1.

Generate a private key (server.key).

2.

Generate a Certificate Signing Request (CSR) with the private key.


	Important When prompted for the CommonName, enter the IP address of the Filtering Service machine. If you skip this step, client browsers will display a security certificate error.

3.

Use the CSR to create a self-signed certificate (server.crt).

4.

Save the server.crt and server.key files in a location that Websense software can access, and where they can be read by Filtering Service.

Go to the table of contents

Go to the previous page

Go to the next page

View or print as PDF

User Identification > Configuring user identification methods > Secure manual authentication > Generating keys and certificates

Copyright 2016 Forcepoint LLC. All rights reserved.