WoSign技术支持：Jetty Java HTTP Servlet Web Server Web服务器SSL证书的证书请求文件(CSR)生成指南

首页

产品简介

产品价格

VeriSign 产品

Secure Site

Secure Site Pro-EV

Secure Site-EV

Thawte 产品

SSL Web Server

SGC SuperCerts

SSL Web Server-EV

SSL123

GeoTrust产品

True Business ID-EV

Power Server ID

RapidSSL

首页

技术支持

SSL证书请求文件(CSR)生成指南 - Jetty Java HTTP Servlet Web Server

重要注意事项 An Important Note Before You Start

在生成CSR文件时同时生成您的私钥，如果您丢了私钥或忘了私钥密码，则颁发证书给您后不能安装成功！您必须重新生成私钥和CSR文件，免费重新颁发新的证书。为了避免此情况的发生，请在生成CSR后一定要备份私钥文件和记住私钥密码，最好是在收到证书之前不要再动服务器。
By far the most common problem users have when going through this process is related to private keys. If you lose or cannot access a private key, you cannot use the certificate we issue to you and will need to request a free reissue. To ensure this never happens, we advise that a backup of the private key file is made and that a note is made of the password that is used to protect the export of the private key.

To generate a CSR for Jetty Java HTTP Servlet Web Server follow the instructions below:

1. Generate a Keystore and a Keyentry (Private Key):

Using the JDK Tool, Keytool, used by Protekt.

keytool -genkey -keyalg RSA -keystore [keystore_name_here] -alias [keyentry_name_here]

Choose a password for the Keystore and enter it when prompted to do so.
Enter keystore password: password

What is your first and last name?
[Unknown]: www.yourdomainnamehere.com
What is the name of your organizational unit?
[Unknown]: Your Organizational Unit Here
What is the name of your organization?
[Unknown]: Your Organization Name Here
What is the name of your City or Locality?
[Unknown]: Your City or Locality Here
What is the name of your State or Province?
[Unknown]: Your State or Province Here
What is the two-letter country code for this unit?
[Unknown]: US
Is CN=www.yourdomainnamehere.com, OU=Your Organizational Unit Here, O=Your Organization Name Here, L=Your City or Locality Here, ST=Your State or Province Here, C=US correct?
[no]: yes

Enter key password for <keyentry_name_here>
(RETURN if same as keystore password):

You can either specify the same password you set on the keystore or specify a different password.

Note that a Keystore and a Keyentry has just been created. The Keystore will be stored in your JDK/bin directory (used by Protekt). Create a copy of the Keystore file and store it on a removable disk for safe keeping in case of a server crash.

Please run the following command to make sure that you can read the file and view the Keyentry:
keytool -list -keystore [keystore_name_here]

2. Backup Keystore file:

To backup the keystore file with the keyentry just created, please refer to the following the manual.

3. Generate a CSR off the Keyentry:

keytool -certreq -Keystore [Keystore_name_here] -alias [Keyentry_name_here] -file [csr_name_here]
Enter keystore password: password

Locate the CSR file as you will require it in the step that follows.

测试CSR和把CSR发给WoSign, Start the certificate request process

生成CSR后，建议您自己测试一下生成的CSR文件是否正确，请点击这里测试您的CSR文件。请把测试成功的CSR文件发给WoSign即可。请一定不要再动您的服务器，等待证书的颁发。
To submit the CSR to WoSign for processing you should start the certificate enrollment process.