Follow these instructions to generate a CSR for your Web site. When you have completed
this process, you will have a CSR ready to submit to eWAY in order to be
generated into a SSL Security Certificate.
OpenSSL is the open source project that replaced SSLeay. If you are using SSLeay
on your system instead of OpenSSL, substitute ssleay with openssl for the commands.
Creating a Key Pair
- Open a DOS window. At the command line, type
cd <your server root>\bin\admin\admin\bin
- Type sec-key at the command prompt. A Netscape key-pair file generation window
appears.
- When prompted, type an alias for the new key-pair file. You might choose
an alias that matches your server (for example, web or mail). The alias cannot contain
spaces, but it can use symbols that your operating system allows in filenames (such
as hyphens and underscores). By default, the key-pair file is stored in the directory
C:/<server_root>/alias/<alias>-key.db where <alias> is
the alias you typed. If you used the alias mail, your key-pair file would be C:/<server_root>/alias/mail-key.db.
- Type OK. A screen with a progress meter appears. Move your mouse in random
motions at random speeds. These random movements are used to generate a random number
for the unique key-pair file.
- Enter a password.
Warning: If you lose the password, you must purchase another certificate.
See the certificate replacement policy below.
- Return to the Keys and Certificates menu in the Netscape Suitespot Server
administration page.
Creating a Certificate Signing Request
- Start the Netscape administration page.
- Login as the administrator.
- Click on Keys and Certificates on the administration main menu.
- Select Request a Certificate on the navigation window.
- Click on New Certificate in the Request a Server Certificate window.
- Select CA URL (enter anything in the box).
- Select the alias and password that you generated in the key-pair file.
- Type in the Distinguished Name Field information. This information will appear
in your server certificate. Any variations can lead to delays in the verification
process. When creating a CSR you must follow these conventions.
The following characters can not be accepted: < > ~ ! @ # $ % ^ * / \ ( )
?. ,
|
Distinguished Name Fields |
Explanation |
Example |
|
Requester Name
|
Your Name |
John Smith |
|
Telephone Number
|
Your phone number |
(xxx) xxx-xxxx |
|
Common Name
|
The fully qualified domain name for your web server. This must be an exact match.
|
If you intend to secure the URL https://www.yourdomain.com, then your CSR's common
name must be www.yourdomain.com.
|
|
Email address
|
Your email address |
abc@yourdomain.com
|
|
Organization
|
The exact legal name of your organization. Do not abbreviate your organization name.
|
Your Domain, Inc
|
|
Organization Unit
|
Section of the organization
|
Marketing
|
|
City or Locality
|
The city where your organization is legally located.
|
Atlanta
|
|
State or Province
|
The state or province where your organization is legally located. Can not be abbreviated.
|
Georgia
|
|
Country
|
The two-letter ISO abbreviation for your country.
|
US = United States
|
- Click OK when finished.
The system will generate a CSR which will start with "-----Begin Certificate Request-----"
and it will end with "-----End Certificate Request-----".
- Copy this CSR into a text file. If you are using Windows or NT, you can use Notepad
to cut and paste the CSR and then save it.
- Submit your CSR to eWAY® by completing the online enrollment process.
»
Return to CSR Instruction List