Follow these instructions to generate a CSR for your Web site. When you have
completed this process, you will have a CSR ready to submit to your provider
in order to be generated into a SSL Security Certificate.
1. Enter Server Name (Common Name).
The fully qualified domain name for your web server. This must be an exact match. If you intend to secure the URL https://www.yourdomain.com, then your CSR's common name must be www.yourdomain.com. If you applying for a wildcard certificate to secure all sub domains on your domain, the common name must be *.yourdomain.com.
2. Select size of encryption key (1024 recommended).
The encryption key size (512 bit, 1024 bit) has nothing to do with the actual session key (128 bit, 40 bit).
3. Enter pass phrase to encrypt key.
Warning: If you lose or forget the passphrase, you will not be able to use the certificate.
4. Choose the server to request a certificate for:
Version 1.5.1 select NO to send the CSR to Verisign
Version 1.5 select YES to send the CSR to Verisign
Note: If you select no, a required field will be missing and the CSR will be invalid.
Version 1.5x enter the same pass phrase entered generating the private key above.5. Enter the information to be displayed in the certificate.
• The following characters can not be accepted: < > ~ ! @ # $ % ^ / \ ( ) ?.,&
• If you are applying for a wildcard certificate you must state * in place of the sub domain, for example *.yourdomain.com instead of www.yourdomain.comYou will now be prompted for information to include within the CSR:
Country Name (2 letter code) [AU]: US (must be two letter country code, note for United Kingdom the country code must be GB and NOT UK)
State or Province Name (full name) [Some-State]: The state or province where your organization is legally located. This cannot be abbreviated and must be entered in full.
Locality Name (eg, city) []: The city where your organization is legally located.
Organization Name (eg, company) [Internet Widgits Pty Ltd]: The exact legal name of your organization. Do not abbreviate your organization name.
Organizational Unit Name (eg, section) []: Section of the organization, such as Marketing or Web Development.
Common Name (eg, YOUR name) []: The fully qualified domain name for your web server. This must be an exact match. If you intend to secure the URL https://www.yourdomain.com, then your CSR's common name must be www.yourdomain.com. If you applying for a wildcard certificate to secure all sub domains on your domain, the common name must be *.yourdomain.com.
Server Admin.'s email address []: Leave this field blank by just pressing return.
6. Send the CSR to your email address or display the CSR on your console.
7. Exit RavenCTL
8. Backup the servername.key file from the raven/module/pki/keys directory to a secure location and remember the PEM passphrase (step 3). If the private key is lost your CSR and Certificate will be invalid. Make a copy of the private key file (domainname.key) generated earlier and store it in a safe place!Note: To view the contents of the private key, use the following command:
$ openssl rsa -noout -text -in servername.key
8. Your CSR will now have been created. Open the domainname.csr in a text editor and copy and paste the contents into the online enrollment form when requested.