Generate a Certificate Signing Request (CSR)
iPlanet Enterprise Server 4.1
-
Start
your iPlanet Enterprise web server. -
Open the iPlanet Netscape administration page.
-
Log
in as the administrator. -
Click
on Security. -
Select Create Database (If you have not already created the security
database). If
no database exists, iPlanet Web Server creates the proper key and
certificate database files and stores them in the alias/ directory
(otherwise, iPlanet Web Server displays an error message). -
Type
in Database Password. Confirm Password. Click OK.
Warning: If
you lose the password, you must purchase another certificate.See
the certificate replacement policy at the bottom of these instructions.
-
Click
on Request a Certificate. -
Select New Certificate.
-
Select CA URL (enter www.geotrust.com in the box). Note: this selection is arbitrary; you will be presented
with the resulting CSR in the next window – that’s when you cut-and-paste
the CSR and save it. -
Enter
your key pair file password. -
When
creating a CSR you must follow these conventions.
Type in the Distinguished Name Field information.
The
following
characters can not be accepted: < > ~ ! @ # $ % ^ * / \ ( )
?.
Distinguished |
Explanation |
|
Requester |
Your |
John |
Telephone |
Your |
(xxx) |
Common |
The |
If |
Email |
Your |
abc@geotrust.com |
Organization |
The |
GeoTrust |
Organization |
Section |
Marketing |
Locality or City |
The |
Atlanta |
State/Province |
The |
Georgia |
Country |
The |
US |
-
Click OK when finished.
-
Enter Certificate Request Information:
What |
What |
Operation |
Submit |
Certificate |
Server |
Requester |
Name |
Requester |
|
Requester |
Phone |
Requester |
(Leave |
-
The
system will generate a CSR in PKCS #10 format which will start with
"—–Begin Certificate Request—–" and it will end with
"—–End Certificate Request—–". -
Save this CSR into a text file. If you are using Windows or NT, you can
use Notepad to cut and paste the CSR and then save it.
Backing
up your key pair file
A key-pair file contains both the public and private keys used for
SSL encryption. You will use the key-pair file when you request and install
a certificate. The key-pair file is stored encrypted in the following
directory: server_root/alias/<serverid-hostname>-key3.db.
When
you create the key, you specify a password that you later use when you
request the certificate and when you start a server that is using encrypted
communications.