IdenTrust - Support - Certificate Signing Request

Home | Login | Contact Us

Home
Company
Solutions
- Overview
- Industry
- Products
  - PLOT
  - HUB
  - Identity Network
  - Trust Prime
  - Trust Sign
  - Trust Link
  - Trust Gate
  - MITM
Certificates
- Certificate Chart
- TrustID
- ACES
- ECA
Partner
- Overview
- Solution
- Compliant
- Integration
- Reseller
- Partner List
Library
Support

OVERVIEW

DIGITAL CERTIFICATE INSTRUCTIONS

FAQ LIBRARY

HOW-TO

DOWNLOADS

iPlanet Enterprise Server 4.1

Support > Generation Instructions

Creating a Certificate Signing Request (CSR) and Key

Follow the step-by-step instructions to generate a certificate signing request (CSR) and key:

Start your iPlanet Enterprise web server.
Open the iPlanet Netscape administration page.
Log in as the administrator.
Click on Security.
Select Create Database.
Type in Database Password. Confirm Password. Click OK.
Warning: If you lose the password, you must purchase another certificate.
Click on Request a Certificate.
Select New Certificate.
Select CA URL (enter http://www.identrust.com/ in the box).
Enter your key pair file password.

When creating a CSR you must follow these conventions.
Enter the Distinguished Name Field information.
Note: The following characters can not be accepted:
< > ~ ! @ # $ % ^ * / \ ( ) ?

Distinguished Name Field	Explanation	Example
Requester Name	Your Name	John Smith
Telephone Number	Your phone number	(###) ###-####
Common Name	The fully qualified domain name for your web server. This must be an exact match.	If you intend to secure the URL https://www.identrust.com/, then your CSR's common name must be www.identrust.com
Organization Name	The exact legal name of your organization. Do not abbreviate your organization name.	IdenTrust Inc.
Organization Unit	Section of the organization	Marketing
City or Locality	The city where your organization is legally located.	Salt Lake City
State or Province Name	The state or province where your organization is legally located. Can not be abbreviated.	Utah
Zip or Postal Code	The postal code where your organization is legally located.	55555
Country Name	The two-letter ISO abbreviation for your country	US = United States

Click OK when finished.

Enter Certificate Request Information:

What You See	What You Should Type
Operation	Submit CSR
Certificate Type	Server
Requester Name	Name
Requester E-mail	E-mail Address
Requester Phone	Phone Number
Requester Comments	(Leave blank)

The system will generate a CSR in PKCS #10 format which will start with ----BEGIN CERTIFICATE REQUEST---- and it will end with ----END CERTIFICATE REQUEST----
Save this CSR into a text file. If you are using Windows, you can use Notepad to cut and paste the CSR and then save it.

Backing up your key pair file

A key-pair file contains both the public and private keys used for SSL encryption. You will use the key-pair file when you request and install a certificate. The key-pair file is stored encrypted in the following directory: server_root/alias/-key3.db.

When you create the key, you specify a password that you later use when you request the certificate and when you start a server that is using encrypted communications.

Creating the certificate trust database

Access the Administration Server and choose the Security tab.
Type the password in Database Password.
Re-type the password in Password.
Click OK.

If no database exists, iPlanet Web Server creates the proper key and certificate database files and stores them in the alias/ directory (otherwise, iPlanet Web Server displays an error message).

Back to Listing