User`s guide

ManualsBrandsBarracuda Networks ManualsComputer equipmentControl Server

Chapter 3 Managing the Barracuda Spam Firewall ■ 61

Enabling SSL

Web Interface

HTTPS/SSL port

The SSL port used by the Barracuda Spam Firewall. Default port for SSL is

443.

SSL Certificate Configuration

Certificate Type Select one of the following certificates for SSL:

• Default (Barracuda Networks) used for SSL connections that will generate

browser alerts. The default certificate is signed by Barracuda Networks and

provided free as the default type of certificate.

• Private (self-signed) certificates provide strong encryption without the cost

of purchasing a certificate from a trusted certificate authority (CA). However

your web browser cannot verify the authenticity of the certificate, and display

a warning every time you access the Admin interface. To avoid this warning,

download the Private Root Certificate and import it into your browser.

• Trusted certificates are issued by trusted Certificate Authorities (CA), which

are usually recognized by your Web browser so no additional configuration is

required.

Certificate Generation

Organization Info The information stored in your certificates and Certificate Signing Requests.

Provide the following information:

Common Name is the fully qualified domain name used to access the

Administration interface. For example: "barracuda.yourdomain.com"

Country is the two-letter country code where your organization is located.

State or Province Name is the full name of the state or province where your

organization is located.

Locality Name is the city where your organization is located.

Organization Name is the legal name of your company or organization.

Organization Unit Name is an optional field in which to specify a department

or section within your organization.

Download

Certificate Signing

Request (CSR)

Click Download to obtain a certificate signing request that is required to

purchase a signed certificate from a trusted certificate authority. The certificate

is generated with a 1024 bit key length.

Download Private

key

Click Download to obtain a copy of the private key used for the CSR. The

certificate authority where you purchased your certificate may ask for this key,

which is only available after you download a CSR.

Download Private

Root Certificate

Click Download to obtain the private root certificate and import it into your web

browser.

Once you have imported the certificate, your web browser is able to verify the

authenticity of the Barracuda system’s SSL certificate, and should no longer

issue a warning when you visit the administration interface.

Trusted Certificate

Upload Signed

Certificate

After purchasing the certificate using the CSR, browse to the location of the

certificate and click Upload. Once you upload the certificate, your Barracuda

Spam Firewall automatically begins using it.

Once you have uploaded your signed certificate, make sure Trusted is selected

for the Certificate Type (described above).

Upload Private key After downloading the private key, browse to the location of the key and click

Upload.

Field Description