cancel
Showing results for 
Search instead for 
Did you mean: 
sergio3429
Level 7

How to generate request to certificate on Web Gateway

Jump to solution

Hello

I have the appliance Web Gateway 7.2, and for company policy, i need generate a valid certificate of login, with a request.

0 Kudos
1 Solution

Accepted Solutions
nick.olson
Level 9

Re: How to generate request to certificate on Web Gateway

Jump to solution

Hi Sergio

Try what I posted in https://community.mcafee.com/thread/50334

I had a similar issue but was able to get it working.

-N

0 Kudos
3 Replies
asabban
Level 17

Re: How to generate request to certificate on Web Gateway

Jump to solution

Hello,

please see Configuration->User Interface. You can import any certificate you have a private key file for. Additionally you can create a self-signed certificate. If you need to generate a CSR to have it signed by an external source this needs to be done via openssl on the command line, it can't be done on the UI. The UI can only import an already signed certificate.

Best,

Andre

0 Kudos
andyclements
Level 12

Re: How to generate request to certificate on Web Gateway

Jump to solution

A key and certificate request can be generated with the following command:

openssl req -nodes -newkey rsa:2048 -keyout mwg.key -out mwg.csr

This can be done on any system with openssl, it is not restricted to the Web Gateway.  It is even possible to do it with Windows.

The command will generate a new RSA key with keylength of 2048 bits, saved as mwg.key.  The actual CSR will be called mwg.csr.

You will be prompted for several pieces of information.  This is put into the CSR so that the certificate is issued for the proper company and hostname.

After being signed by your CA, the certificate and key are imported into the UI.  The MWG never needs to see the CSR.

nick.olson
Level 9

Re: How to generate request to certificate on Web Gateway

Jump to solution

Hi Sergio

Try what I posted in https://community.mcafee.com/thread/50334

I had a similar issue but was able to get it working.

-N

0 Kudos