首页>技术支持>SSL证书请求文件(CSR)生成指南 - iPlanet 6.x

SSL证书请求文件(CSR)生成指南 - iPlanet 6.x

重要注意事项 An Important Note Before You Start

在生成CSR文件时同时生成您的私钥,如果您丢了私钥或忘了私钥密码,则颁发证书给您后不能安装成功!您必须重新生成私钥和CSR文件,免费重新颁发新的证书。为了避免此情况的发生,请在生成CSR后一定要备份私钥文件和记住私钥密码,最好是在收到证书之前不要再动服务器。

By far the most common problem users have when going through this process is related to private keys. If you lose or cannot access a private key, you cannot use the certificate we issue to you and will need to request a free reissue. To ensure this never happens, we advise that a backup of the private key file is made and that a note is made of the password that is used to protect the export of the private key.

To generate a CSR in iPlanet 6.x follow the instructions below:

1. Launch the Administration HTML interface:

Select Start > Programs > iPlanet Web Server > Administer Web Server.

2. Select the server instance you wish to administer by selecting the correct server name from the drop down list.

3. Select Manage.

4. Select the Security tab.

5. Select 'Create Database' from the menu options available in the left frame.

6. Supply a password for your new Trust Database.

7. Supply your password again for verification.

It is very important that you remember this password. If you forget it you will not be able to gain access to your Private Key.

8. Select 'OK' to continue

9. Select 'OK' to complete Trust Database creation.

10.Select 'Request a Certificate' from the menu options available in the left frame to generate your Certificate Signing Request.

11.Select the 'New Certificate' radio button.

12.Select the 'CA Email address' radio button, and supply your own email address in the space provided.

13.Supply the password for your Key pair File in the space provided.

14.Supply your name, telephone number, and email address in the spaces provided.

! If the Web server name does not match the common name in the certificate, some browsers will refuse to establish a secure connection with your site.

! Do not specify the protocol (http://), any port numbers or pathnames in the Common Name (CN).

! Do not use wildcards such as * or ?.

15.Enter the distinguished name (DN) of your server, keeping the following example in mind:

"CN" - Common Name = www.domain.com (this is the URL of your website)

"O" - Organization = Company Name Pty Ltd

"OU" - Organizational Unit = Internet Department

"L" - Locality = Cape Town

"St" - State/Province = Western Cape

"C" - Country/Region = ZA

16. Select 'OK' once you have entered the necessary information.

17. Copy the Certificate Signing Request (including the "-----BEGIN NEW CERTIFICATE REQUEST-----" and "-----END NEW CERTIFICATE REQUEST-----" lines)

and paste into a text document for later retrieval.

You have successfully created your Private Key and Certificate Signing Request (CSR).

测试CSR和把CSR发给WoSign, Start the certificate request process

生成CSR后,建议您自己测试一下生成的CSR文件是否正确,请点击 这里 测试您的CSR文件。请把测试成功的CSR文件发给WoSign即可。请一定不要再动您的服务器,等待证书的颁发。

To submit the CSR to WoSign for processing you should start the certificate enrollment process.