Apache Mod_SSL & Open SSL Server Types
(CSR Generation Procedures) |
|
 |
 |
| A CSR is a file containing your certificate application
information, including your Public Key. Generate your CSR
and then copy and paste the CSR file into the webform while
placing your order for your ssl certificate. |
What your CSR will look like when your finished.
-----BEGIN CERTIFICATE REQUEST-----
UbM77e50M63v1Z2A/5O5MA0GCSqGSIb3DQEOBAU
AMF8xCzAJBgNVBAYTAlVTMSAwHgYDVQQKExdSU0
EgRGF0YSBTZWN1cml0eSwgSW5jLjEuMCwGA1UEC
xMlU2VjdXJlIFNlcnZlciBDZXJ0aWZpY2F0aW9u
IEF1dGhvcml0eTAeFw0wMTA4MDIwMDAwMDBaFw0
wMzA4MDIyMzU5NTlaMIGQMQswCQYDVQQGEwJVUz
ERMA8GA1UECBMIVmlyZ2luaWExETAPBgNVBAcUC
FJpY2htb25kMSAwHgYDVQQKFBdDYXZhbGllciBU
ZWxlcGhvYm9uZGluZy5jYXZ0ZWwuY29tMIGfMA0
GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC8x/1dxo
2YnblilQLmpiEziOqb7ArVfI1ymXo/MKcbKjnY2
-----END CERTIFICATE REQUEST-----
When sending your CSR to EBIZID, you
MUST copy and paste the entire CSR Request, including the
beginning and ending lines as shown below.
-----BEGIN CERTIFICATE REQUEST-----
-----END CERTIFICATE REQUEST-----
Failure to do so will result in you having to resend your
CSR in the correct format to EBIZID which will cause a
prolonged delay in processing your order. |
Generate
keys and CSR (Certificate Signing request):
To generate a pair of private keys
and public Certificate Signing Request (CSR) for a webserver, "server",
use the following command:
openssl req –new –nodes -keyout myserver.key –out
server.csr
This creates two files. The file myserver.key contains a
private key; do not disclose this file to anyone. Carefully
protect the private key.
| Backup the private
key, as there is no means to recover it should it be
lost. The private key is used as input in the command
to generate a Certificate Signing Request (CSR). EBIZID
will reissue certificates no more than 30 days from
the time of purchase. If you do not backup your key
and your server fails or other problems occur after
the 30 days, you will then be required to purchase
a new certificate. An ounce of prevention is all that
is required to prevent this from happening. |
You will now be asked to enter details to be entered
into your CSR.
What you are about to enter is what is called a Distinguished Name or a DN.
For some fields there will be a default value, If you enter
'.', the field will be left blank.
Country Name (2 letter code) [IE; US] click here for a list
of codes
State or Province Name (full name) [IE: Texas]
Locality Name (City) [IE: Dallas]
Organization Name (company) [IE: YourCompany Ltd]
Organizational Unit Name (eg, section) []: [IE: IT Department]
Common Name (Your Domain name) [IE: yourdomain.com or www.yourdomain.com or
whatever.yourdomain.com (subdomain)]:
Email Address:
| If you are ordering
a Wildcard Certificate, the Common Name field must be
in the format of: *
. yourdomain . com |
Optionally, enter the following 'extra' attributes to be sent
with your certificate request:
A challenge password:
An optional company name:
The fields email address, optional company name and challenge
password can be left blank for an EBIZID SSL certificate.
| Should you choose to enter and use a challenge password,
you will need to make sure that you save that password
in a secure place. If you ever need to reinstall your certificate
for any reason, you will be required to enter that password.
If you forget the password and it is past 30 days from
your purchase date, then you will be required to purchase
a new certificate. An ounce of prevention will prevent
this from happening. |
Your CSR will now have been created. Open the server.csr in
a text editor and copy and paste the contents into the online
order form when ordering your certificate.
|
