Generate a Certificate Signing Request (CSR)
Apache + Raven
Follow these instructions to generate a CSR for your Web site. When you
have completed this process, click the “close” button below to close this
window and continue to the next step.
Note: The CertificateSigning Request (CSR) instructions are followed
by key pair backup instructions.
-
Enter Server Name (Common Name).
-
Select size of encryption key (1024 recommended).
*Note: The encryption key size (512 bit, 1024 bit) has nothing to
do with the actual session key (128 bit, 40 bit). -
Enter pass phrase to encrypt key.
Warning: If you lose the passphrase, you must
purchase another certificate.See
the certificate replacement policy at the bottom of these instructions. - Choose the server
to request a certificate for:
-
Enter the information to be displayed in the certificate.
Distinguished
Name FieldExplanation
ExampleCountry
NameThe
two-letter ISO abbreviation for your country.US
= United StatesState
or Province NameThe
state or province where your organization is located. Can not
be abbreviated.Georgia
City
or LocalityThe
city where your organization is located.Atlanta
Organization
NameThe
exact legal name of your organization. Do not abbreviate.GeoTrust
Inc.Organizational
UnitOptional
for additional organizational information.Marketing
Common
Name (Server Host Name)The
fully qualified domain name for your web server. You will get
a certificate name check warning if this is not an exact match.If
you intend to secure the URL https://secure.geotrust.com, then
your CSR’s server hostname must be secure.geotrust.comServer
Admin.’s email addressYour
email addressabc@geotrust.com
Version 1.5.1 select NO to send the CSR to Verisign
Version 1.5 select YES to send the CSR to Verisign
-
Note: If you
select no, a required field will be missing and the CSR will be invalid.
Version 1.5x enter the same pass phrase entered generating the private key above.
-
Send
the CSR to your email address or display the CSR on your console. - Exit RavenCTL
- While waiting for
your certificate from GeoTrust, you can use the self-signed certificate
generated above.**** Note: If you would like to verify the contents of the CSR, use
the following command: $ openssl req -noout -text -in server.csr
- Create
a backup copy of the private key.
Backup the servername.key file from
the raven/module/pki/keys directory to a secure location and remember
the PEM passphrase (step 3).**** Note: To view the contents of the private key, use the following
command: $ openssl rsa -noout -text -in servername.key
-
Submit
your CSR to GeoTrust by clicking on <Continue>,
you will be asked to complete the agreement and the enrollment form
as well.