IBM HTTP Server
(CSR Generation
Procedures) |
|
 |
 |
| If you are starting IKEYMAN to create a new key
database file, the file is stored in the directory where
you start IKEYMAN. |
A key database is a file that the server uses to store
one or more key pairs and certificates. You can use one key
database for all your key pairs and certificates, or create
multiple databases.
Enter IKEYMAN on a command line on UNIX, or start the Key
Management utility in the IBM HTTP Server folder, on Windows.
Select Key Database File from the main user interface,
select New.
In the New dialog box, enter your key database name. Click
OK.
In the Password Prompt dialog box, enter a password, enter
to confirm the password. Click OK.
| Should you choose to enter and use
a Private Key password, you will need to make sure
that you save that password in a secure place. If you
ever need to reinstall your certificate for any reason,
you will be required to enter that password. If you
forget the password and it is past 30 days from your
purchase date, then you will be required to purchase
a new certificate. An ounce of prevention will prevent
this from happening. |
Enter IKEYMAN on a command line on UNIX, or start the
Key Management utility in the IBM HTTP Server folder
on Windows.
Select Key Database File, from the main user interface
and select Open.
In the Open dialog box, select your key database name.
Click OK.
In the Password Prompt dialog box, enter your correct
password and click OK.
Select Create from the main user interface, select
New Certificate Request.
In the New Key and Certificate Request dialog box,
enter:
- Key Label: A descriptive comment to identify the key
and certificate in the database.
- Keysize:
512 or 1024 (1024 recommended)
- Organization Name:
Your company name
- Organization Unit:
(Example: IT Department)
- Locality:
(Example: Dallas)
- State/Province:
(Example: Texas)
- Zipcode/Postcode:#
(Example: 75777)
- Country: Enter a country code. (Example: US) Click
here for more codes.
- Certificate request file name, or use the default name
Click OK.
In the Information dialog box, click OK.
-----BEGIN CERTIFICATE REQUEST-----
UbM77e50M63v1Z2A/5O5MA0GCSqGSIb3DQEOBAU
AMF8xCzAJBgNVBAYTAlVTMSAwHgYDVQQKExdSU0
EgRGF0YSBTZWN1cml0eSwgSW5jLjEuMCwGA1UEC
xMlU2VjdXJlIFNlcnZlciBDZXJ0aWZpY2F0aW9u
IEF1dGhvcml0eTAeFw0wMTA4MDIwMDAwMDBaFw0
wMzA4MDIyMzU5NTlaMIGQMQswCQYDVQQGEwJVUz
ERMA8GA1UECBMIVmlyZ2luaWExETAPBgNVBAcUC
FJpY2htb25kMSAwHgYDVQQKFBdDYXZhbGllciBU
ZWxlcGhvYm9uZGluZy5jYXZ0ZWwuY29tMIGfMA0
GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC8x/1dxo
2YnblilQLmpiEziOqb7ArVfI1ymXo/MKcbKjnY2
-----END CERTIFICATE REQUEST----- 
When sending your CSR to EBIZID, you
MUST copy and paste the entire CSR Request, including the
beginning and ending lines as shown below.
-----BEGIN CERTIFICATE REQUEST-----
-----END CERTIFICATE REQUEST-----
Failure to do so will result in you having to resend your
CSR in the correct format to EBIZID which will cause a
prolonged delay in processing your order. |
| If you are ordering a Wildcard Certificate,
the Common Name field must be in the format of: *
. yourdomain . com |
| Backup the private key, as there is
no means to recover it should it be lost. The private key
is used as input in the command to generate a Certificate
Signing Request (CSR). EBIZID will reissue certificates
no more than 30 days from the time of purchase. If you
do not backup your key and your server fails or other problems
occur after the 30 days, you will then be required to purchase
a new certificate. An ounce of prevention is all that is
required to prevent this from happening. |
|
