This solution applies to all Barracuda Networks products, all firmware versions.
Setting up secure administration over SSL/TLS on any Barracuda Networks product is done on the Advanced > SSL or Advanced > Secure Administration page of the Barracuda's Web user interface. While you can specify the Default (Barracuda Networks) certificate for your SSL/TLS connections, this will prompt users and administrators with a domain mismatch error because the certificate's domain is barracudanetworks.com (and your Barracuda Networks product's hostname and domain, configured near the bottom of the Basic > IP Configuration page, will not match barracudanetworks.com when configured correctly). For the Barracuda Spam Firewall, similar messages may appear when users attempt to action their quarantine items from their quarantine notification emails (see Solution #00000954).
To generate a CSR (Certificate Signing Request) from your Barracuda Networks product, navigate to the Advanced > SSL or Advanced > Secure Administration page and follow these steps: