Generate a Certificate Signing Request (CSR)

iPlanet Enterprise Server 4.1

  1. Start
    your iPlanet Enterprise web server.

  2. Open the iPlanet Netscape administration page.

  3. Log
    in as the administrator.

  4. Click
    on Security.

  5. Select Create Database (If you have not already created the security
    database).     If
    no database exists, iPlanet Web Server creates the proper key and
    certificate database files and stores them in the alias/ directory
    (otherwise, iPlanet Web Server displays an error message)    .

  6. Type
    in Database Password. Confirm Password. Click OK.

Warning: If
you lose the password, you must purchase another certificate.

See
the certificate replacement policy at the bottom of these instructions.

  1. Click
    on Request a Certificate.

  2. Select New Certificate.

  3. Select CA URL (enter www.geotrust.com in the box). Note: this selection is arbitrary; you will be presented
    with the resulting CSR in the next window – that’s when you cut-and-paste
    the CSR and save it.

  4. Enter
    your key pair file password.

  5. When
    creating a CSR you must follow these conventions.
    Type in the Distinguished Name Field information.
    The
    followin    g
    characters can not be accepted: < > ~ ! @ # $ % ^ * / \ ( )
    ?.

Distinguished
Name Fields

Explanation

 
Example

Requester
Name

Your
Name

John
Smith

Telephone
Number

Your
phone number

(xxx)
xxx-xxxx

Common
Name

The
fully qualified domain name for your web server. This must be
an exact match.

 If
you intend to secure the URL https://www.geotrust.com, then your
CSR’s common name must be www.geotrust.com.

Email
address

Your
email address

abc@geotrust.com

Organization

The
exact legal name of your organization. Do not abbreviate your
organization name.

GeoTrust
Inc.

Organization
Unit

Section
of the organization

Marketing

Locality or City

The
city where your organization is legally located.

Atlanta

State/Province

The
state or province where your organization is legally located.
Can not be abbreviated.

Georgia

Country

The
two-letter ISO abbreviation for your country.

US
= United States

  1. Click OK when finished.

  2. Enter Certificate Request Information:

What
you see

What
you should type

Operation

Submit
CSR

Certificate
Type

Server

Requester
Name

Name

Requester
Email

Email

Requester
Phone

Phone
Number

Requester
Comments

(Leave
blank)

  1. The
    system will generate a CSR in PKCS #10 format which will start with
    "—–Begin Certificate Request—–" and it will end with
    "—–End Certificate Request—–".

  2. Save this CSR into a text file. If you are using Windows or NT, you can
    use Notepad to cut and paste the CSR and then save it.  

Backing
up your key pair file

A key-pair file contains both the public and private keys used for
SSL encryption. You will use the key-pair file when you request and install
a certificate. The key-pair file is stored encrypted in the following
directory: server_root/alias/<serverid-hostname>-key3.db.  

When
you create the key, you specify a password that you later use when you
request the certificate and when you start a server that is using encrypted
communications.