Lesezeichen Email Drucken

4D, Inc.- Webstar 4.x

Lesezeichen:
0 Lesezeichen anlegen

Antwort

To generate a CSR, you will need to create a key pair for your server. These two items are a digital certificate key pair and cannot be separated. If you lose your public/private key file or your password and generate a new one, your SSL Certificate will no longer match. You will have to request a new SSL Certificate and may be charged.
We recommend that you contact the WebSTAR vendor for additional information.
Generate Key Pair and CSR
1. Launch the Key Generator application (in the Tools & Examples folder, SSL Tools folder).
2. Enter a password to protect your key. You'll need it later to authorize WebSTAR SSL to use your public/private key pair. Do not forget this password! If you do, the private key cannot be recovered: there is no "back door" to this security. Make sure that the password is at least 8 characters long, includes letters, numbers and punctuation, and is not a name or a word.
3. Write the password down and store it in a secure place, such as a safety deposit box. If you lose the password, you will have to purchase a new certificate.
4. Click the Create Key button to generate your private key file.
5. Name the file something like "Private Key File" (the default), and save it in the root folder for the SSL host (the WebSTAR folder or the host folder if you have a secondary IP host).
6. When the key file is created, the Key Generator will beep and allow you to click OK , then it will quit.
7. Make sure that the key file is in your WebSTAR folder. If it's not there, move it into that folder now.
8. Launch the CSR Utility application (in the Tools & Examples folder, SSL Tools folder).
9. Click Choose and select the Private Key file you created. Once you select a private key file, the key file and the Certificate you will receive will be a signed Certificate pair, and cannot be separated.
10. If you lose the Private Key file and generate a new one, your Certificate will no longer match. You will have to send a request to the Certificate Authority for a new Certificate, which you may be charged for. For this reason, be sure to keep backup copies of your file in a secure location.
11. Enter the password required to access your public/private key pair (the password you entered when generating the key pair, as described in Generate a Key).
12. Click the Create button to generate your encrypted Certificate request form. This command will prompt for the following X.509 attributes of the certificate:
Country Name: Use the two-letter code without punctuation for country, for example: GB (not UK).

State or Province: Spell out the state completely; do not abbreviate the state or province name, for example: California

Locality or City: The Locality field is the city or town name, for example: Berkeley.

Company: If your company or department has an &, @, or any other symbol using the shift key in its name, you must spell out the symbol or omit it to enroll. Example: XY & Z Corporation would be XYZ Corporation or XY and Z Corporation.

Organisational Unit: This field is optional; but can be used to help identify certificates registered to an organization. The Organisational Unit (OU) field is the name of the department or organization unit making the request.

Common Name: The Common Name is the Host + Domain Name. It looks like "www.company.com" or "company.co.uk".
Certificates can only be used on Web servers using the Common Name specified during enrollment. For example, a certificate for the domain "domain.com" will receive a warning if accessing a site named "www.domain.com" or "secure.domain.com", because "www.domain.com" and "secure.domain.com" are different from "domain.com".
Please do not enter your email address, challenge password or an optional company name when generating the CSR.
13. The application creates a file named Certificate Request by default. You can use that name or rename it.
14. Quit the CSR Utility program.
15. You have just created a key pair and a CSR.
16. To copy and paste the information into the enrollment form, open the file in a text editor that does not add extra characters (Notepad or Vi are recommended).
17. Go to Enrollment.
Note: For Extended Validation certificates the key bit length must be 2048.

Kategorie

Bei uns kommen Sie weiter!

support220