IdenTrust Inc. Logo
Home | Login | Contact Us  

  
OVERVIEW DIGITAL CERTIFICATE INSTRUCTIONS FAQ LIBRARY HOW-TO DOWNLOADS
Apache + Raven 1.5.x

Support > Generation Instructions


Creating a Certificate Signing Request (CSR) and Key

Follow the step-by-step instructions to generate a certificate signing request (CSR) and key:

  1. Enter Server Name (Common Name)
  2. Select size of encryption key (1024 recommended).
  3. Enter pass phrase to encrypt key.
    Warning: If you lose the passphrase, you must purchase another certificate.
  4. Enter other Distinguished Name Field information.
  5. Choose the server to request a certificate for:
    Version 1.5.1 select NO to send the CSR to Verisign
    Version 1.5 select YES to send the CSR to Verisign
    Note: If you select no, a required field will be missing and the CSR will be invalid.
  6. Enter the same pass phrase entered generating the private key above.
  7. When creating a CSR you must follow these conventions.
    Enter the Distinguished Name Field information.
    Note: The following characters can not be accepted:
    < > ~ ! @ # $ % ^ * / \ ( ) ?
    Distinguished
    Name Field    		 Explanation Example
    Country Name The two-letter ISO abbreviation for your country US = United States
    State or Province Name The state or province where your organization is legally located. Can not be abbreviated. Utah
    City or Locality The city where your organization is legally located. Salt Lake City
    Company (Organization) Name The exact legal name of your organization. Do not abbreviate. IdenTrust Inc.
    Department Name Section of the organization Marketing
    Server Hostname The fully qualified domain name for your web server. This must be an exact match. If you intend to secure the URL https://www.identrust.com/, then your CSR's Server Hostname must be www.identrust.com
    Server Admin.'s email address Your e-mail address abc@identrust.com
  8. Send the certificate signing request to your email address or display the CSR on your console.
  9. Exit RavenCTL
  10. Send the entire certificate request to IdenTrust, including ----BEGIN CERTIFICATE REQUEST---- and ----END CERTIFICATE REQUEST----

    Note: While waiting for the real certificate from IdenTrust, you can use the self-signed certificate generated above.
    sl req -noout -text -in server.csr

Key Pair Backup

  1. Backup this server.key file and remember the pass-phrase you had to enter at a secure location.
  2. View the details of the RSA private key via the command:
    $ openssl rsa -noout -text -in server.key

Back to Listing


RELATED CONTENT
Certificate Management Center
FAQ: Before You Buy
HOW-TO: Backup a Certificate
HOW-TO: Replace a Certificate
FAQ: General
FAQ: ACES
FAQ: ECA
FAQ: State of Washington
PKI Basics
Certificate Security and Protection
Change Control Schedules
Support Main
Contact Support
 

FEDERAL AGENCY PROGRAMS
Department of State
D-Trade
Department of Labor
Department of Labor
Department of Treasury IRS
Secure Data Transfer
MeF Electronic Filing Certificate
General Services Administration
eOffer

STATE AGENCY PROGRAMS
Florida
JCalendar for State Court Systems
West Virginia
Department of Environmental Protection
Virginia
Department of Transportation (VDOT)
Department of Mines Minerals and Energy (DMME)
 © 2008 IdenTrust Inc. All Rights Reserved    Home | Contact Us | Legal Policies IdenTrust