How to Generate a CSR Sophos XG Firewall

In this tutorial, we will show you how to generate a CSR on Sophos XG Firewall.

Just follow the steps below:

Step 1: Initiate the CSR Generation

Log into your Sophos Firewall admin console

Navigate to Certificates > Certificates and click Add

Select the option Generate Certificate Signing Request (CSR)

Step 2: Fill in the required informations

Under Certificate Details fill in the required fields as shown below:

• Name: give a friendly name to your certificate
• Valid until: enter the expiry date of your certificate
• Key length: from the drop-down list, select 2048
• Encryption: tick the Enable checkbox
• Passphrase/PSK: create a password to protect your private key file
• Certificate ID: from the drop-down list select Email and specify a valid email address

Under Identification Attributes, provide the following information:

• Country Name: from the drop-down list select the country where your company is located. For example, Canada
• State: write the full name of the state where your company is registered. For instance, British Columbia
• Locality Name: type the full name of the city where your company is based. For example, Vancouver
• Organization Name: specify the full legal name of your company. For instance, Your Company LLC
• Organizational Unit Name: enter the department within your company requesting the SSL Certificate. Usually, it’s IT or Web Administration
• Common Name: provide the FQDN (fully-qualified domain name) you want to secure. For example, yourdomain.com
• Email Address: type your email address.

Step 3: Download the CSR

From the list of SSL Certificates, under the Name column, find the name of your CSR (you can also look for CSR in the Type column) and click on the download icon, under the Manage column.

After you download the CSR on your device, you can open it with any text editor such as Notepad.

During the SSL order process, you will have to send the CSR code to your CA for verification and validation.