Products & Services | Switch to Us | Support | Contact Us | About Us | Home
 
support


CSR Generation

Validation

Certificate Installation

FAQ


server software

Apache (mod_SSL & OpenSSL)
cPanel / WHM
Cobalt RAQ
MS Exchange 2007
MS Exchange 2010
F5 BigIP
HSphere
IBM HTTP Server
iPlanet 4.x / SunONE 6.x
Java-based Webservers
Microsoft IIS 4.x
Microsoft IIS 5.x/6.x
Microsoft IIS 7.x
Oracle (using Wallet Manager)
Plesk



CSR Generation: Java-based Webservers (e.g. Tomcat) using keytool

Generating a Certificate Signing Request (CSR) for Java-based Webservers such as Tomcat, using keytool

To generate your CSR, log in to the server and open a command prompt or shell, and use the following instructions:

  1. Generate a new keystore and key with the following command: 
    keytool -genkey -keyalg RSA -alias server -keystore my_keystore.jks

    Replace the file 'my_keystore.jks' with the filename and path you wish to locate the keystore. The alias 'server' can be changed to the site or server name if needed.

    For Tomcat, change the '-alias server' to '-alias tomcat'

  2. You may be prompted for some information: 
    Enter keystore password:
    What is your first and last name?
    What is the name of your organizational unit? **This is your Common Name**
    What is the name of your organization?
    What is the name of your City or Locality?
    What is the name of your State or Province?
    What is the two-letter country code for this unit?

    3. The 'first and last name' actually means the fully-qualified domain name for your site - e.g. 'www.mydomain.com'.
    For wildcard certificates, the Common Name should be in the format: *.mydomain.com
    Please take care to remember the password you enter.

  3. Now generate the CSR using the key and keystore you have just created: 
    keytool -certreq -alias server -file csr.txt -keystore my_keystore.jks

    Ensure that the alias and keystore have the same name and filename as in Step 1.

    You will be prompted to enter the password again. If successful, the file 'csr.txt' will be created. Open this file with a text editor and cut and paste the contents into the enrollment form when requested.

Notes:
If you do not enter an alias with the '-alias' command flag, the default alias will be used, 'mykey'.

  •     Enterprise SSL Certificates
      Secure your e-transactions and maximize budget efficiencies with TrustedSecure Enterprise SSL Certificates.
      Learn more
  •     TrustedSecure Site Seal
      Give your site visitors the confidence that they can share private information securely with the TrustedSecure Site Seal.
      Learn more
  •     CSC TrustedSecure CertManager
      Access the CSC TrustedSecure Certificate Authority and manage your enterprise's SSL portfolio online with the TrustedSecure CertManager.
      Learn more
  •     Cert-Assure™ Audit
      Uncover all certificates that have been registered and confirm their expiration dates with a Cert-Assure audit.
      Learn more
    • Copyright 2010 Corporation Service Company, All rights reserved.