The length of pre-shared key is from 8 to 63 characters. Finding a key with random 20 characters by the brute force method is impossible at a convenient time unless the passphrase is in the dictionary. For the purpose of demonstration, we are going to brute force a passphrase with 9 characters.
Description | |
---|---|
Name | Enter a name. |
Valid until | Specify the certificate’s validity period. |
Key type | Select from the following:
|
Key length | If you’ve set the key type to RSA, select the key length. It's the number of bits used to construct the key. Larger keys offer greater security, but it takes longer to encrypt and decrypt data. |
Curve name | If you’ve set the key type to Elliptic curve, select the curve name. Do not select secp521r1 for websites and the XG Firewall web admin console. A version of Google Chrome does not support the curve on certain operating systems. |
Secure hash | Select the algorithm from the list. |
Key encryption | Select key encryption if you want to encrypt the private key. |
Passphrase/PSK | If you select key encryption, enter a passphrase or a pre-shared key and reconfirm. |
Certificate ID | Select the type of certificate ID to identify the device and specify the ID.
|
Example certificate detail data is shown below, you will need to enter details for your own domain.
Description | |
---|---|
Country name | Country in which the device is deployed. |
State | The state within the country. |
Locality name | Name of the city. |
Organization name | Name of the certificate owner. Example: Sophos Group |
Organization unit name | Name of the department to which the certificate will be assigned. Example: marketing |
Common name | Common name or FQDN. Example: marketing.sophos.com |
Email address | Contact person’s email address. |
Example ID attributes are shown below, you will need to enter details for your own organization.