Follow these instructions to generate a CSR for your Web site. When you have completed this process, you will have a CSR ready to submit to your provider in order to be generated into a SSL Security Certificate.
- Start your iPlanet Enterprise web server.
- Open the iPlanet Netscape administration page.
- Log in as the administrator.
- Click on Security.
- Select Create Database (If you have not already created the security database). If no database exists, iPlanet Web Server creates the proper key and certificate database files and stores them in the alias/ directory (otherwise, iPlanet Web Server displays an error message).
- Type in Database Password. Confirm Password. Click OK.
Warning: If you lose the password, you must purchase another certificate.
- Click on Request a Certificate.
- Select New Certificate.
- Enter your key pair file password.
- When creating a CSR you must follow these conventions:
• Enter the information to be displayed in the certificate. The following characters can not be accepted: < > ~ ! @ # $ % ^ / \ ( ) ?.,&
• If you are applying for a wildcard certificate you must state * in place of the sub domain, for example *.yourdomain.com instead of www.yourdomain.com
Country Name (2 letter code) [AU]: US (must be two letter country code, note for United Kingdom the country code must be GB and NOT UK)
State or Province Name (full name) [Some-State]: The state or province where your organization is legally located. This cannot be abbreviated and must be entered in full.
Locality Name (eg, city) []: The city where your organization is legally located.
Organization Name (eg, company) [Internet Widgits Pty Ltd]: The exact legal name of your organization. Do not abbreviate your organization name.
Organizational Unit Name (eg, section) []: Section of the organization, such as Marketing or Web Development.
Common Name (eg, YOUR name) []: The fully qualified domain name for your web server. This must be an exact match. If you intend to secure the URL https://www.yourdomain.com, then your CSR's common name must be www.yourdomain.com. If you applying for a wildcard certificate to secure all sub domains on your domain, the common name must be *.yourdomain.com.
Distinguished Name Fields Explanation Example Requester Name Your Name
John Smith
Telephone Number Your phone number
(xxx) xxx-xxxx
Common Name The fully qualified domain name for your web server. This must be an exact match.
If you intend to secure the URL https://www.yourdomain.com, then your CSR's common name must be www.yourdomain.com.
Email address Your email address
abc@yourdomain.com
Organization The exact legal name of your organization. Do not abbreviate your organization name.
Your Company, Inc.
Organization Unit Section of the organization
Marketing
Locality or City The city where your organization is legally located.
Atlanta
State/Province The state or province where your organization is legally located. Can not be abbreviated.
Georgia
Country The two-letter ISO abbreviation for your country.
US = United States
- Click OK when finished.
- Enter Certificate Request Information:
What you see
What you should type
Operation
Submit CSR
Certificate Type
Server
Requester Name
Name
Requester Email
Requester Phone
Phone Number
Requester Comments
(Leave blank)
Backing up your key pair file A key-pair file contains both the public and private keys used for SSL encryption. You will use the key-pair file when you request and install a certificate. The key-pair file is stored encrypted in the following directory: server_root/alias/<serverid-hostname>-key3.db. When you create the key, you specify a password that you later use when you request the certificate and when you start a server that is using encrypted communications.
- The system will generate a CSR in PKCS #10 format which will start with -----Begin Certificate Request-----" and it will end with "-----End Certificate Request-----.
- Save this CSR into a text file. If you are using Windows or NT, you can use Notepad to cut and paste the CSR and then save it.