Intel NetStructure 7110
Accelerator
(CSR Generation Procedures) |
|
 |
 |
Use the create key command to create your key and the create sign command to
create a signing request to be authenticated.
Intel 7110> create key
Key strength (512/1024) [512]:
New keyID [001]: 002
Keypair was created for keyID: 002
Intel 7110> create sign 002
You will now be asked to enter information that will be incorporated
into your certificate request. The "common name" must be unique.
For other fields, you could use default values.
Country code: This is the two-letter ISO
abbreviation for your country (for example, US for the United
States).
State or Province: This is the name of the state or province where your organization's
head office is located. Please enter the full name of the state or province.
Locality: This is the name of the city where your organization's
head office is located.
Organization: This should be the organization that owns the
domain name. Use the legal name under which your organization
is registered. Do not use any of the following characters: < > ~
! @ # $ % ^ * / \ ( ) ?.
Organizational unit: This is normally the name of the department
or group that will use the certificate.
Common name: The common name is the "fully
qualified domain name," (or FQDN) used for DNS lookups of your
server (for example, www.mydomain.com). Browsers use this information
to identify your Web site. Some browsers will refuse to establish
a secure connection with your site if the server name does
not match the common name in the certificate. Please do not
include the protocol specifier "http://" or any port numbers
or pathnames in the common name. Do not use wildcard characters
such as ?, and do not use an IP address.
| If you are ordering a Wildcard Certificate,
the Common Name field must be in the format of: *
. yourdomain . com |
E-mail address: This should be the e-mail address of the administrator
responsible for the certificate.
In this example, xmodem is used to send the CSR to a PC connected
to the console port.
Intel 7110> export sign webserver
Export protocol: xmodem, uuencode
[ascii]:<Enter>
Use Ctrl-x to kill transmission
Beginning export...
Export successful!
Intel 7110>
To submit the CSR paste it into the field
provided in the online order form.
-----BEGIN CERTIFICATE REQUEST-----
UbM77e50M63v1Z2A/5O5MA0GCSqGSIb3DQEOBAU
AMF8xCzAJBgNVBAYTAlVTMSAwHgYDVQQKExdSU0
EgRGF0YSBTZWN1cml0eSwgSW5jLjEuMCwGA1UEC
xMlU2VjdXJlIFNlcnZlciBDZXJ0aWZpY2F0aW9u
IEF1dGhvcml0eTAeFw0wMTA4MDIwMDAwMDBaFw0
wMzA4MDIyMzU5NTlaMIGQMQswCQYDVQQGEwJVUz
ERMA8GA1UECBMIVmlyZ2luaWExETAPBgNVBAcUC
FJpY2htb25kMSAwHgYDVQQKFBdDYXZhbGllciBU
ZWxlcGhvYm9uZGluZy5jYXZ0ZWwuY29tMIGfMA0
GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC8x/1dxo
2YnblilQLmpiEziOqb7ArVfI1ymXo/MKcbKjnY2
-----END CERTIFICATE REQUEST----- 
When sending your CSR to EBIZID, you
MUST copy and paste the entire CSR Request, including the
beginning and ending lines as shown below.
-----BEGIN CERTIFICATE REQUEST-----
-----END CERTIFICATE REQUEST-----
Failure to do so will result in you having to resend your
CSR in the correct format to EBIZID which will cause a
prolonged delay in processing your order. |
| Backup the private key, as there is
no means to recover it should it be lost. The private key
is used as input in the command to generate a Certificate
Signing Request (CSR). EBIZID will reissue certificates
no more than 30 days from the time of purchase. If you
do not backup your key and your server fails or other problems
occur after the 30 days, you will then be required to purchase
a new certificate. An ounce of prevention is all that is
required to prevent this from happening. |
| Should you choose to enter and use a
Private Key password, you will need to make sure that you
save that password in a secure place. If you ever need
to reinstall your certificate for any reason, you will
be required to enter that password. If you forget the password
and it is past 30 days from your purchase date, then you
will be required to purchase a new certificate. An ounce
of prevention will prevent this from happening. |
|
