Generate a Certificate Signing Request (CSR)

C2Net
STRONGHOLD Web Server

Follow these instructions to generate a CSR for your Web site. When you
have completed this process, click the “close” button below to close this
window and continue to the next step.

  1. Enter
    the Stronghold Configuration Manager.

  2. Select New Key Generation to create a new key file.

  3. Enter key size (either 512 or 1024 bits) and follow instructions
    for generating the random data. 1024 bits is the recommended key size.

    **** Note: The encryption key size (512 bit, 1024 bit) has nothing
    to do with the actual session key (128 bit, 40 bit)

  4. When
    creating a CSR you must follow these conventions.
    Enter the
    Distinguished
    Name Field
    information.
    The following characters
    can not be accepted: < > ~ ! @ # $ % ^ * / \ ( ) ?.
    &

    Distinguished
    Name Fields

    Explanation

     
    Example

    Country
    Name

    The
    two-letter ISO abbreviation for your country
    .

    US
    = United States

    State
    or Province Name

    The
    state or province where your organization is located. Can
    not be abbreviated.

    Georgia

    City
    or Locality

    The
    city where your organization is located.

    Atlanta

    Company
    (Organization) Name

    The
    exact legal name of your organization. Do not abbreviate your
    organization name.

    GeoTrust
    Inc.

    Organizational
    Unit

    Optional
    for additional organizational information.

    Marketing

    Common
    Name (Server Host Name)

    The
    fully qualified domain name for your web server. You will
    get a certificate name check warning if this is not an exact
    match.

    If
    you intend to secure the URL https://secure.geotrust.com,
    then your CSR’s Server Hostname must be secure.geotrust.com

    Server
    Administration email address (if applicable)

    Your
    email address

    abc@goetrust.com

  5. The
    key pair will be generated and saved in the file:
    strongholdserverroot/private/hostname.key.
    example: /usr/local/stronghold/private/www.something.com.key

  6. Edit
    this file to extract the CSR data to send to GeoTrust. This is the
    text beginning with "—–BEGIN NEW CERTIFICATE REQUEST—–"
    up to and including the text "—–END NEW CERTIFICATE REQUEST—–".

  7. Submit
    your CSR to GeoTrust by clicking on <Continue>,
    you will be asked to complete the agreement and the enrollment form
    as well.

Note: See also C2Net’s documentation
on key generation and installation
instructions for both STRONGHOLD
2.3 and STRONGHOLD 2.4.x .