SSL Certificate CSR Generation Instructions

C2Net Stronghold

Follow these instructions to generate a CSR for your Web site. When you have completed this process, you will have a CSR ready to submit to your provider in order to be generated into a SSL Security Certificate.

1.Enter the Stronghold Configuration Manager.

2. Select New Key Generation to create a new key file.

3. Enter key size (either 512 or 1024 bits) and follow instructions for generating the random data. 1024 bits is the recommended key size.
Note: The encryption key size (512 bit, 1024 bit) has nothing to do with the actual session key (128 bit, 40 bit)

4. Enter the information to be displayed in the certificate.

• The following characters can not be accepted: < > ~ ! @ # $ % ^ / \ ( ) ?.,&
• If you are applying for a wildcard certificate you must state * in place of the sub domain, for example *.yourdomain.com instead of www.yourdomain.com

You will now be prompted for information to include within the CSR:

Country Name (2 letter code) [AU]:
US (must be two letter country code, note for United Kingdom the country code must be GB and NOT UK)

State or Province Name (full name) [Some-State]:
The state or province where your organization is legally located. This cannot be abbreviated and must be entered in full.

Locality Name (eg, city) []:
The city where your organization is legally located.

Organization Name (eg, company) [Internet Widgits Pty Ltd]:
The exact legal name of your organization. Do not abbreviate your organization name.

Organizational Unit Name (eg, section) []:
Section of the organization, such as Marketing or Web Development.

Common Name (eg, YOUR name) []:
The fully qualified domain name for your web server. This must be an exact match. If you intend to secure the URL https://www.yourdomain.com, then your CSR's common name must be www.yourdomain.com. If you applying for a wildcard certificate to secure all sub domains on your domain, the common name must be *.yourdomain.com.

Server Admin.'s email address []:
Leave this field blank by just pressing return.

6. The key pair will be generated and saved in the file: strongholdserverroot/private/hostname.key.
example: /usr/local/stronghold/private/www.something.com.key

7. Edit this file to extract the CSR data. This is the text beginning with:

-----BEGIN NEW CERTIFICATE REQUEST----" up to and including the text -----END NEW CERTIFICATE REQUEST-----

Note: See also C2Net's documentation on key generation and installation instructions for both STRONGHOLD 2.3 and STRONGHOLD 2.4.x .

8. Your CSR will now have been created. Open the domainname.csr in a text editor and copy and paste the contents into the online enrollment form when requested.

Country Name (2 letter code) [AU]:	US (must be two letter country code, note for United Kingdom the country code must be GB and NOT UK)
State or Province Name (full name) [Some-State]:	The state or province where your organization is legally located. This cannot be abbreviated and must be entered in full.
Locality Name (eg, city) []:	The city where your organization is legally located.
Organization Name (eg, company) [Internet Widgits Pty Ltd]:	The exact legal name of your organization. Do not abbreviate your organization name.
Organizational Unit Name (eg, section) []:	Section of the organization, such as Marketing or Web Development.
Common Name (eg, YOUR name) []:	The fully qualified domain name for your web server. This must be an exact match. If you intend to secure the URL https://www.yourdomain.com, then your CSR's common name must be www.yourdomain.com. If you applying for a wildcard certificate to secure all sub domains on your domain, the common name must be *.yourdomain.com.
Server Admin.'s email address []:	Leave this field blank by just pressing return.