Download the "Tool to create certificates" (makecert) from the Intra2net system under Information > Download, and unpack it into a directory on your computer.
Lancom routers cannot create its own certificates. This is therefore done by
makecacerton a PC. Start the
C:\makecert>makecacert C:\makecert>openssl req -x509 -newkey rsa:2048 -days 730 -new -nodes -config openssl.cnf -outform PEM -keyform PEM -keyout privatekey.pem -out newcert.cer Using configuration from openssl.cnf Loading 'screen' into random state - done Generating a 2048 bit RSA private key ........................+++ ...............................................................+++ writing new private key to 'privatekey.pem' ----- You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank.
Now enter the router data. For some fields there is a default value in square brackets. If you want to use it, just press Return. Do not use umlauts or other special characters, as otherwise problems may occur. The "common name" (or "computer name" on the Intra2net system) must be unique and must not be reused for other clients or for a CA.
It is recommended to enter as little data as possible here (e.g. only the common name), as these must be entered again identically when configuring the connection.
Country Name (2 letter code) : State or Province Name (full name) : Locality Name (eg, city) : Organization Name (eg, company) : Organizational Unit Name (eg, section) : Common Name (eg, your name or your server's hostname) :lancom Email Address : C:\makecert>openssl pkcs12 -export -in newcert.cer -inkey privatekey.pem -out newcert.p12 Loading 'screen' into random state - done
Select an export password that protects the key file on the way to the router. The password must be at least 3 characters long.
Enter Export Password: Verifying password - Enter Export Password: C:\makecert>del privatekey.pem
Start the LANconfig program to configure the router. The router must be recognized by LANconfig.
Open the context menu, and submenu .
newkey.p12file you just created with the makecacert program. Set the certificate type to and enter the export password previously specified.
Open the certificate file (
newkey_cert.cer) with a text editor (e.g. Wordpad) and copy the entire contents of the file to the clipboard. In the Intra2net system open the menu System > Keys > Foreign keys and create a new key. Enter a name for the key (e.g. the name of the router) and then paste the certificate data from the clipboard into the field Copy & paste certificate.