Search

Create a Certificate Signing Request (CSR)

A Certificate Signing Request (CSR) is a request sent to a Certificate Authority (CA) to authenticate the credentials contained within the certificate.

We recommend installing a Root Certificate from the CA on your computer before creating the CSR.

  1. Start your web browser.
  2. Type "https://machine's IP address" in your browser's address bar (where "machine's IP address" is the machine's IP address).
    For example:

    https://192.168.1.2

    image
    • If you are using a Domain Name System or enable a NetBIOS name, you can type another name, such as "SharedPrinter" instead of the IP address.

      • For example:

        https://SharedPrinter

      If you enable a NetBIOS name, you can also use the node name.

      • For example:

        https://brnxxxxxxxxxxxx

      The NetBIOS name can be found in the Network Configuration Report.

  3. If required, type the password in the Login field, and then click Login.
    image
    The default password to manage this machine’s settings is located on the back of the machine and marked "Pwd".
  4. Go to the navigation menu, and then click Network>Security>Certificate.
    image
    Start from image, if the navigation menu is not shown on the left side of the screen.
  5. Click Create CSR.
  6. Type a Common Name (required) and add other information about your Organization (optional).
    image
    • Your company details are required so that a CA can confirm your identity and verify it to the outside world.
    • The length of the Common Name must be less than 64 bytes. Enter an identifier, such as an IP address, node name, or domain name to use when accessing this printer through SSL/TLS communication. The node name is displayed by default. The Common Name is required.
    • A warning will appear if you type a different name in the URL than the Common Name that was used for the certificate.
    • The length of the Organization, the Organization Unit, the City/Locality and the State/Province must be less than 64 bytes.
    • The Country/Region should be a two character ISO 3166 country code.
    • If you are configuring an X.509v3 certificate extension, select the Configure extended partition check box, and then select Auto (Register IPv4) or Manual.
  7. Select your setting from the Public Key Algorithm drop-down list. The default setting is RSA(2048bit).
  8. Select your setting from the Digest Algorithm drop-down list. The default setting is SHA256.
  9. Click Submit.
    The CSR appears on your screen. Save the CSR as a file or copy and paste it into an online CSR form offered by a Certificate Authority.
  10. Click Save.
image
  • Follow your CA's policy regarding the method to send a CSR to your CA.
  • If you are using the Enterprise root CA of Windows Server 2012/2012 R2/2016/2019, we recommend using the Web Server for the certificate template to securely create the Client Certificate. If you are creating a Client Certificate for an IEEE 802.1x environment with EAP-TLS authentication, we recommend using User for the certificate template.
Did you find the information you needed?