Generate a Certificate Signing Request (CSR)

证书请求文件(CSR)生成指南 - Apache + Raven

Apache + Raven

Follow these instructions to generate a CSR for your Web site. When you have completed this process, click the "close" button below to close this window and continue to the next step. 请按照以下步骤生成CSR文件和备份私钥:

Note: The CertificateSigning Request (CSR) instructions are followed by key pair backup instructions.

  1. Enter Server Name (Common Name). 请输入服务器的公用名称,也就是服务器网址全名

  2. Select size of encryption key (1024 recommended). 请选择密钥长度,推荐1024位。请不要与SSL的会话密钥长度混淆!

    *Note: The encryption key size (512 bit, 1024 bit) has nothing to do with the actual session key (128 bit, 40 bit).

  3. Enter pass phrase to encrypt key. 请输入私钥的密码,请注意,此密码一定不能忘记,否则不能安装成功。

    Warning: If you lose the passphrase, you must purchase another certificate.

    See the certificate replacement policy at the bottom of these instructions.

  4. Choose the server to request a certificate for: 请根据您的服务器软件的版本选择:
    5. Version 1.5.1 select NO to send the CSR to GeoTrust 如果是V1.5.1,则选择NO
    Version 1.5 select YES to send the CSR to GeoTrust 如果是V1.5,则选择YES
      Note: If you select no, a required field will be missing and the CSR will be invalid.
    Version 1.5x enter the same pass phrase entered generating the private key above.

  5. Enter the information to be displayed in the certificate. 请用英文正确填写CSR中的所需字段信息。

    Distinguished Name Field

    Explanation

      Example

    Country Name

    The two-letter ISO abbreviation for your country.

    US = United States

    State or Province Name

    The state or province where your organization is located. Can not be abbreviated.

    Georgia

    City or Locality

    The city where your organization is located.

    Atlanta

    Organization Name

    The exact legal name of your organization. Do not abbreviate.

    GeoTrust Inc.

    Organizational Unit

    Optional for additional organizational information.

    Marketing

    Common Name (Server Host Name)

    The fully qualified domain name for your web server. You will get a certificate name check warning if this is not an exact match.

    If you intend to secure the URL https://secure.geotrust.com, then your CSR's server hostname must be secure.geotrust.com

    Server Admin.'s email address

    Your email address

    abc@geotrust.com

  1. Send the CSR to your email address or display the CSR on your console. 发送CSR到您的邮箱中,或显示在屏幕上。

  2. Exit RavenCTL 退出控制台
  3. Create a backup copy of the private key. 请备份您的私钥,并妥善保管。

Backup the servername.key file from the raven/module/pki/keys directory to a secure location and remember the PEM passphrase (step 3).

**** Note: To view the contents of the private key, use the following command:

$ openssl rsa -noout -text -in servername.key

  1. Submit your CSR to GeoTrust by clicking on <Continue>, you will be asked to complete the agreement and the enrollment form as well. 点击“<Continue>”,按提示步骤提交您的CSR给GeoTrust (WoTrust)。

Why eBusiness ID? Choice Price Compatibility Service Assurance