Knowledge Base

CSR Creation & SSL Installation on a Zeus Loadbalancer

Zeus Loadbalancer CSR Creation

The Zeus Loadbalancer requires that you create a self-signed certificate before being able to generate a CSR for a DigiCert certificate.

1. To get started on the self-signed certificate, navigate to Catalogs>SSL>SSL Certificates Catalog>Create Self-Signed Certificate.

2. Fill in the fields:

   Certificate Name: This is a personal identifier. This should be named in a way that would help you remember which certificate this is.

   Common Name (CN): Type in the fully-qualified domain name you want to secure (i.e., loadbalance.domain.com). You can also use an IP address if the connections will be made with the IP directly and not with a domain name.

   Organization (O): Use your organization's name.

   Organizational Unit (OU): This can unit within your organization, such as 'IT Department' or 'New York Branch'.

   Location (L): Enter the city name of your location.

   State (S): Enter the state/province/region of your location.

   Country (C): Enter the two-digit country code of your location.

   Valid for: Select how many years you want the certificate to last.

   Key size: Select a minimum of 2048 bits.

   Notes (not public) Use for your documentation, if needed.
    

3. Click Create Certificate. This should now generate the self-signed certificate.

4. Go to Catalogs > SSL > open the self-signed certificate we just created > Certificate Signing > Export CSR/Sign Certificate.

5. You should now be able to see the CSR text under the Certificate Signing Request (CSR) section. Example:

   -----BEGIN NEW CERTIFICATE REQUEST-----                    Random Characters -----END NEW CERTIFICATE REQUEST-----

   You will want to copy and paste the entire body of the CSR into the DigiCert Order/Reissue form.

Zeus Loadbalancer SSL Installation

1. Once you receive the .zip containing the certificate files, extract the “certs” folder somewhere on your server.

2. Open your server certificate (your_domain_name.crt) with a text editor. You should see something like this:

   -----BEGIN CERTIFICATE-----          Random Characters -----END CERTIFICATE------

3. Copy and paste the entire body of the certificate file into the Replace Certificate section and click Update Certificate (Go to Catalogs>SSL>open the self-signed certificate we just created>Certificate Signing>Export CSR/Sign Certificate).

4. We will now import the intermediate certificate(s). Go to Catalogs>SSL>open the self-signed certificate we just created>Certificate Signing>Add Intermediate Certificate.

5. Upload your DigiCertCA.crt file.

6. Repeat the Add Intermediate Certificate process if you received more than one intermediate certificate (i.e., DigiCertCA2.crt). The root certificate does NOT need to be uploaded.

The SSL certificate should now be installed, though additional configuration may be needed. You can check the certificate installation by going to https://www.digicert.com/help/ and typing in the domain name or IP address the certificate is applied.