I have found the process of Installing GoDaddy SSL Certificates on an IOS router had, like many Cisco projects, become a research project. The process is poorly documented, and many of the documented commands are outdated due to the changes in IOS. I hope this helps save some time and energy on your part.
I have found the process of Installing GoDaddy SSL Certificates on an IOS router had, like many Cisco projects, become a research project. The process is poorly documented, and many of the documented commands are outdated due to the changes in IOS. I hope this helps save some time and energy on your part. Make sure your router’s time is correct before starting. I suggest you set up NTP to keep the router’s time correct. If the router’s time is not correct, it will affect the certificate’s functionality.
- Create a 2048-bit RSA key. GoDaddy now only supports 2048 or greater key length for security reasons. On their site, they claim that computer performance will be capable of breaking a 1024-bit key by 2012. Will that be the end of the world? 🙂
- Create the trustpoint. A trustpoint is basically a certificate authority who you trust.
- You can get the certificate request by issuing the following commands:
- Paste the certificate request into the GoDaddy page to complete the request. The certificate request must be in the format below. You will need to add the beginning and end lines. The begin and end certificate lines must be on separate lines, or GD will give you an error. HINT: turn off word wrap in your text editor to ensure the format is proper.
- Once the Certificate is issued you will receive an email to download your certificates and the intermediates bundle. Save these certificates locally and open them in a text editor like Notepad or, preferably, Notepad++. Select server type “other” for the download.
- The next step is to install the intermediate certificate bundle into the router Trustpoint you created earlier. Run the command below. Copy the INTERMEDIATE certificate you opened in your text editor and paste into your terminal session when prompted. The certificate will be named gd_intermediate.crt.
- You will now install the actual certificate. Follow the same copy-and-paste procedure as above. Notice the command is different than the command used to install the GoDaddy intermediate certificate bundle.
- If everything went well, you should now have your certificates successfully installed. You can run the following commands to verify your certificate is properly installed. You should see both the intermediates and the issued certificate. Remember to exit config mode and save your configuration.
Are you interested in more articles? Check out: How to setup DDNS (Dynamic DNS) on a Cisco IOS router