picture of tbs certificates
picture of tbs certificates
Our products range

Generate a CSR for NETASQ (NG1000-A, NG5000-A, ...) Firewalls

First of all, make sure you'll be able to import the following element via your interface:
- individually (private-key.key, certificate.cer or .pem, intermediate authorities ca.cer)
- or gathered in a #PKCS12 file (.p12 or .pfx extension under windows).
Consult your product documentation. You'll find 2 procedures below according to the kind of file your interface is able to import (on NETASQ platform it usually is individual files):

Use of Open SSL (individual importation)

Step 1: generate a 2048-bit RSA private key and the corresponding CSR (PKCS10 format) with OpenSSL tools (with Windows, use Win32 OpenSSL)

You can use our wizard that will give you the command to execute: Use our CSR creation assistant tool

Or follow the documentation here: and

This procedure will create 2 files:

- the CSR file (certificate request): Element that you can copy/paste to order or renew certificates. See Access an order form.

- the private key. Make a backup copy of this key, you'll need to import it in your interface with the certificate when it will be delivered.

Once the order is placed on our website and the audit process is over, you'll be delivered by email. Then follow the installation procedure described here: Install a certificate on a NETASQ platform

Use a Windows server (gathered importation)

If you do not have OpenSSL, you can do the entire 'certificate request' procedure including the CSR generation on IIS on a temporary website. To do so follow the procedure here:
IIS 5 or 6:
IIS 7:

Then install your certificate on that IIS server:

Then export the certificate and its private key in a .pfx file (PKCS12):