Follow these instructions to generate a CSR for your Web site. When you have
completed this process, you will have a CSR ready to submit to your provider
in order to be generated into a SSL Security Certificate.
Creating a Key Pair
Open a DOS window. At the command line, type cd your server root\bin\admin\admin\bin.
Type sec-key at the command prompt. A Netscape key-pair file generation window appears.
When prompted, type an alias for the new key-pair file. You might choose an alias that matches your server (for example, web or mail). The alias cannot contain spaces, but it can use symbols that your operating system allows in filenames (such as hyphens and underscores). By default, the key-pair file is stored in the directory C:/<server_root>/alias/<alias>-key.db where <alias> is the alias you typed. If you used the alias mail, your key-pair file would be C:/<server_root>/alias/mail-key.db.
Type OK. A screen with a progress meter appears. Move your mouse in random motions at random speeds. These random movements are used to generate a random number for the unique key-pair file.
Enter a password.
Warning: If you lose the password, you must purchase another certificate.
See the certificate replacement policy below.
Return to the Keys and Certificates menu in the Netscape Suitespot Server administration page.
Creating a Certificate Signing Request
Start the Netscape administration page.
Login as the administrator.
Click on Keys and Certificates on the administration main menu.
Select Request a Certificate on the navigation window.
Click on New Certificate in the Request a Server Certificate window.
Select CA URL (enter anything in the box).
Select the alias and password that you generated in the key-pair file.
Type in the Distinguished Name Field information. This information
will appear in your server certificate. Any variations can lead to delays
in the verification process. When creating a CSR you must follow these conventions.
The following characters can not be accepted: < > ~ ! @ # $ % ^ /
\ ( ) ?. ,
| Country Name (2 letter code) [AU]: | US (must be two letter country code, note for United Kingdom the country code must be GB and NOT UK) |
| State or Province Name (full name) [Some-State]: | The state or province where your organization is legally located. This cannot be abbreviated and must be entered in full. |
| Locality Name (eg, city) []: | The city where your organization is legally located. |
| Organization Name (eg, company) [Internet Widgits Pty Ltd]: | The exact legal name of your organization. Do not abbreviate your organization name. |
| Organizational Unit Name (eg, section) []: | Section of the organization, such as Marketing or Web Development. |
| Common Name (eg, YOUR name) []: | The fully qualified domain name for your web server. This must be an exact match. If you intend to secure the URL https://www.yourdomain.com, then your CSR's common name must be www.yourdomain.com. If you applying for a wildcard certificate to secure all sub domains on your domain, the common name must be *.yourdomain.com. |
| Email Address []: | Your email address |
| Requestor Name: | Your name |
| Telephone Number: | Your telephone number |
The system will generate a CSR which will start with
"-----Begin Certificate Request-----" and it will end with "-----End Certificate Request-----".
Copythis CSR into a text file. If you are using Windows or NT, you can use Notepad to cut and paste the CSR and then save it. Copy and paste the contents into your SSL Providers online enrollment form when requested