Specifications
Managing Security Generating a Mobility Router Certificate
7
ShoreTel Mobility Router Administration Guide 72
8. In the Common Name field, type the FQDN, hostname or IP Address for the Mobility Router.
9. Select the strength of the private key from the Key Length pulldown menu. The longer the
number, the stronger the security of the key. The default is 1024.
10. Select any combination of the default Alternative Names displayed, or add your own by entering
it in the Other Alternative Names field. (Click Add if entering an address in this field.) These
additional addresses will be added to the locally generated certificate or CSR, and display in the
Subject Alternative Names field as they are selected.
Figure 30: Remote Access Certificate
11. Click Generate to generate a certificate signed by the certificate authority installed on the Mobility
Router, or click Generate CSR to generate a certificate signing request (CSR) to be sent to a third-
party certificate signing authority.
12. If generating a CSR in the previous step, submit the CSR to a trusted certificate signing authority
and save the RSA private key.
13. If a restart prompt displays, do one of the following:
Note
When generating a Local Access certificate, the default value is the local FQDN of the Mobility Router.
When generating a Remote Access certificate, the default value is the external FQDN of the Mobility
Router if configured in System > Network > Remote Access > Remote Access FQDN. See
“Configuring General Settings” on page 47.
WARNING!
When generating a CSR, the Mobility Router outputs both a certificate request as well as an RSA
private key. Save the RSA private key in a secure location for future use. This information is necessary
when importing the signed certificate.
Note
The private key of the CSR is stored in the ShoreTel Mobility Router.