CSR

From: Ben Grodsky <grodsky_at_mediadefender.com>
Date: Tue, 10 Apr 2007 10:35:15 -0700

Generating a CSR
A Certificate Signing Request (CSR) is required to enroll for an SSL Certificate. A CSR is your server's unique "fingerprint" and is generated from your server. The CSR also includes your private/public key pair, which enables server authentication and secure communication. An example of a CSR appears below.

________________________________

        Microsoft IIS 5.0 and 6.0 users: For certificate renewals, you must generate a new certificate signing request.
        
        Please view Solution ID vs4888 <javascript:helpPopup('https://knowledge.verisign.com/search/solution.jsp?id=vs4888');> for further information on updates for your Web server and instructions for generating your new certificate signing request.
________________________________

See Generate a Certificate Signing Request (CSR) <javascript:csr();> for detailed instructions on generating a CSR for your server platform. Although the instructions for generating a CSR are different for each server platform, see below for general steps.

If you have further questions on server software compatibility or generating a CSR, contact VeriSign Customer Support <javascript:helpPopup('http://www.verisign.com/support/contact/index.html');> .

To generate a CSR:

1. Go to your server's administrative console or toolkit.
2. Go to the certificate management section, often labeled with "security" or "certificates."
3. Generate a CSR. Make sure the following information is included:

        * Common name - Also known as domain name, host name, or other similar term. This is the URL your Web site visitors connect to. Click here <javascript:commonName();> for details on a properly formatted common name.
        * Organization - Your company or organization's formal name. This name entered here must match the name found in official records.
        * Organizational unit - Also known as department, division, or other similar term. Use this field to further identify the SSL Certificate you are ordering, for example, by department or by physical server.
        * City/Location - The city in which your organization is physically located.
        * State/Province - The state in which your organization is physically located.
        * Country - The country in which your organization is physically located.
                

The generated CSR is delivered to you in an email, a file saved on your hard drive, or other method. The CSR looks like:

        -----BEGIN NEW CERTIFICATE REQUEST-----
        MIIBJTCB0AIBADBtMQswCQYDVQQGEwJVUzEQMA4GA1UEChs4lBMHQ
        XJpem9uYTENA1UEBxMETWVzYTEfMB0GA1UEChMWTWVs3XbnzYSBDb
        21tdW5pdHkgQ29sbGVnZTEA1UEAxMTd3d3Lm1jLm1hcmljb3BhLmV
        kdTBaMA0GCSqGSIb3DQEBAQUAA0kAMEYCQQDRNU6xslWjG41163gA
        rsj/P108sFmjkjzMuUUFYbmtZX4RFxf/U7cZZdMagz4IMmY0F9cdp
        DLTAutULTsZKDcLAgEDoAAwDQYJKoZIhvcNAQEEBQADQQAjIFpTLg
        fmBVhc9SQaip5SFNXtzAmhYzvJkt5JJ4X2r7VJYG3J0vauJ5VkjXz
        9aevJ8dzx37ir3P4XpZ+NFxK1R=
        -----END NEW CERTIFICATE REQUEST-----

________________________________

Important: Make a backup copy of your key pair and password and store them securely. This is a vital step as a precaution against overwriting, deleting, or corrupting the file. VeriSign cannot recover your SSL Certificate without the key pair and password. If you lose your key pair or password, you will have to generate a new key pair and purchase a new SSL Certificate.
________________________________

Entering the CSR
After generating your CSR, open the email or text file, copy the CSR, and paste it into the enrollment form. The Begin and End statements are optional.
Received on Fri Sep 14 2007 - 10:55:51 BST

This archive was generated by hypermail 2.2.0 : Sun Sep 16 2007 - 22:19:45 BST