Entrust Certificate Services Support Knowledge Base

Audience: General
Last Modified: 2006-09-29 13:49:47.0

TN 6736 - How do I Create a Certificate Signing Request (CSR) for C2NET Stronghold?

Problem:
How do I create my Certificate Signing Request (CSR) for a C2NET Stronghold Server?

Solution:

There are three built-in scripts for creating and managing keys in Stronghold genkey, genreq, and getca. These scripts are stored in /usr/local/ssl/private/ by default. There are two starting points where you may want to generate a CSR:

You do not already have a key for the server:

While logged in as root at a command prompt, type genkey servername where servername is the name of the webserver. (i.e., genkey test.entrust.net) You will be prompted for information concerning the creation of the key and the CSR. Fill in the fields keeping in mind that you can not use special characters (! @ # $, etc) in the passphrase and when prompted for the CA, you should choose "Other." When complete you will have two files - a .key (your keystore) and a .csr  (your CSR)

You already have a key for the server:

While logged in as root at a command prompt, type genreq servername where servername is the name of the webserver. (i.e., genreq test.entrust.net) You will be prompted to be certain that you aren't overwriting a previous certificate request and key. You will now be prompted to enter specific information about your server and your company to allow the script to create the CSR.

This .csr file should be opened with a text editor and the contents pasted into the web-form when requested.

Affected Products:

  • Entrust Certificate Services 1 Year Advantage SSL Certificate Version Not Applicable Language Not Applicable Platform Not Applicable
  • Entrust Certificate Services 1 Year SSL Certificate Version Not Applicable Language Not Applicable Platform Not Applicable
  • Entrust Certificate Services 2 Year Advantage SSL Certificate Version Not Applicable Language Not Applicable Platform Not Applicable
  • Entrust Certificate Services 2 Year SSL Certificate Version Not Applicable Language Not Applicable Platform Not Applicable