I am publishing my web server behind the Sophos XG firewall. I need SSL certificate that is free and trusted by most of internet browsers. The answer is Let's Encrypt.
I use this site to help integrate with Let's Encrypt : http://zerossl.com
Steps
#1 Generate CSR from the XG firewall and download the CSR and the private key
#2 Navigate to zerossl.com and paste the CSR content
#3 Follow the instruction to validate your domain - I did DNS option by inserting TXT value
#4 Once validation is successful, the signed public key is ready to be downloaded
#5 Upload the signed key to XG firewall along with the private key that was downloaded on step #1
#6 (optional) if XG firewall does not trust Let's Encrypt CA, add this to the Trusted CA
Done!!
No comments:
Post a Comment