How to Generate a New Self-Signed Certificate

To generate a new self-signed certificate, click on the Generate new button. A new dialog will ask you to enter the Distinguished Name and the applicable hostnames for the new certificate. Both the fields can be left empty. If left empty the Distinguished Name will be populated with CN=filezilla-server-marker self signed certificate.

A new dialog will ask you to enter the Distinguished Name and the applicable hostnames for the new certificate. Both the fields can be left empty. If left empty, the Distinguished Name will be populated with
CN=filezilla-server-marker self signed certificate.

You can either let the server generate a private key for you by leaving the default option Generated by the server, or you select the Provided option to provide one.

If you select the Provided option, there are three ways to provide the private key:

  • Path to file: Enter the complete path to the file in PEM format containing the private key in the Private
    key field. Please be advised that sometimes both the private key and the certificate chain are combined
    into a single file. In such cases, enter the path to the same file in both fields. The file must be located on
    the server.
  • Rawdata: Enter the certificate in PEM format either by manually inputting it or by selecting a local file
    from the machine where the Administration interface is running.
  • PKCS#11 URL: Enter the PKCS#11 URL that specifies the location of your private key. This URL points
    to the exact location of your private key within the Hardware Security Module (HSM) or the device
    where your private key is stored.

Note: To use a newly chosen certificate you must either click the Apply or OK button at the bottom of the settings dialog.

Related Topics: