You want to create a certificate on Sophos Firewall that will be signed by your domain registrar. Which option would you select?

To create a certificate on Sophos Firewall that will be signed by your domain registrar, you should use the **"Certificate Signing Request (CSR)"** option. Here’s a brief overview of the steps you would typically follow: 1. **Generate a CSR**: Log in to your Sophos Firewall and navigate to the Certificate management section. Choose the option to create a Certificate Signing Request. You will need to provide details such as the common name (usually your domain name), organization, and other relevant details. 2. **Download the CSR**: Once the CSR is generated, download or copy the CSR text. 3. **Request a Certificate from Registrar**: Go to your domain registrar's website and find the section for submitting a Certificate Signing Request. Paste the CSR you generated in the previous step and follow their process to request a signed SSL/TLS certificate. 4. **Install the Signed Certificate**: Once the registrar provides you with the signed certificate, return to the Sophos Firewall and upload the signed certificate, along with any intermediate or root certificates if necessary. 5. **Configure the Firewall**: After uploading the new certificate, configure your services (like SSL VPN, Web Admin, etc.) to use the newly installed certificate. By following these steps using the CSR option, you'll obtain a certificate from your registrar that can be used on your Sophos Firewall.