Peplink routers can use certificates to apply that extra security to VPN connections, the Web Admin interface, the Captive Portal and for Mediafast devices to cache and deliver HTTPS content.
You can generate a self-signed certificate using open source software such as OpenSSL.
The instructions below are for Windows, but are similar for other Operating Systems.
Step 1 - install OpenSSL
OpenSSL software can be downloaded from the internet and is available for Windows, Linux and MacOS.
A quick search on the internet will lead you to a website to download the OpenSSL installer.
For this example, we downloaded a non light version of Wind32 Open SSL from : https://wiki.openssl.org/index.php/Binaries
After downloading; run the downloaded .exe file and follow the installation instructions.
Step 2 - Generate a private key
Once OpenSSL is installed, follow these steps to generate and apply a self-signed certificate.
In Windows, open a command prompt.
Change directory to the folder in which OpenSSL is installed (in this example C:\OpenSSL-Win32\bin )
Type the following command at the prompt and press Enter:
ā openssl.exe genrsa -out private.key 2048
Step 3 - Generate a Certificate Signing Request (CSR)
Type the following command at the prompt and press Enter:
ā openssl.exe req -out mycsr.csr -key private.key -new -sha256
You are prompted to fill in the following required fields, also shown in the example below.
Counttryname
Statename
Locality Name
Organization Name
Organizational Unit Name
Common Name
Emailaddress
Step 4 - Generate a Certificate Signing Request (CSR)
Both a private key and the CSR have now been created and we can create a self-signed certificate using both the private key and the CSR.
Type the following command at the prompt and press Enter:
ā openssl x509 -req -sha256 -days 365 -in mycsr.csr -signkey private.key -out mycert.crt
Step 5 - import the private key and self-signed certificate into the Balance router
Open Windows Explorer and browse to the newly created private key and certificate as shown below.
We are now ready to import the private key and self-signed certificate into the Balance router
Log into the web admin of the Balance router and navigate to āNetworkā > āMisc Settingsā > āCertificate Managerā.
Click on the āEditā button at āWeb Admin SSL Certificateā.
A new window will pop up.
Use notepad to view the private key file.
Copy and paste the private key fileās content to the āPrivate Keyā field.
Make sure you enable āThis key is encryptedā and put in the correct password.
Use notepad to view the self-signed certificate file
Copy and paste the self-signed certificate fileās content to the āLocal Public Key Certificateā field.
Click āSave and Applyā button to upload the private key and self-signed certificate to the Peplink router.
Step 6 - Verify the certificate