Solved

How to generate the CSR Certificate signing request  for Solaris and linux ( Redhat Hat ) ?

Posted on 2008-10-30
3
4,698 Views
Last Modified: 2013-12-21
Hi Experts,

Have some one Generated a CSR file (Certificate signing Request ) for
Solaris 10 and RHEL - 4 with Verisign. Please help me with this.

ASAP...... Thnaks all.
0
Comment
Question by:rajsolaris
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 43

Expert Comment

by:ravenpl
ID: 22845032
You have to use openssl for that. Lot's of howtos out there on the google.
http://sial.org/howto/openssl/csr/
0
 
LVL 13

Accepted Solution

by:
Rowley earned 500 total points
ID: 22848281
From my notes:

openssl on my system is found in /usr/local/ssl/bin

To create a server key you need to enter the following commands at the command line and follow the prompts.
      
openssl genrsa -des3 -out server.key 1024

If you dont have the random seed patch installed on your system then you will need to get it and install it. You can easily check by looking to see whether /dev/random or /dev/urandom exists.

Youll get the following appear on screen at which point you will be prompted to enter PEM passphrase:

Generating RSA private key, 1024 bit long modulus
....................++++++
...++++++
e is 65537 (0x10001)
Enter PEM pass phrase:

We usually use the password thisisntactuallythepassword.
This creates a triple DES algorithm encrypted private key of 1024 bits called server.key.

openssl req -new -key server.key -out server.csr

The following output can be expected:

Using configuration from /usr/local/ssl/openssl.cnf
Enter PEM pass phrase:
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:GB
State or Province Name (full name) [Some-State]:My State
Locality Name (eg, city) []:My Town
Organization Name (eg, company) [Internet Widgits Pty Ltd]:My Evil Empire
Organizational Unit Name (eg, section) []:EVIL
Common Name (eg, YOUR name) []:evil.megalomaniac.com
Email Address []:certs@megalomaniac.com

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:

This creates a certificate request file (server.csr) using the private key we created (server.key). We then send this information off to a CA,  mine is currently Thawte, so that they can publicly sign it and then provide the certificate (server.crt). You can verify the certificate by opening it from within windows or issuing

openssl x509 -noout -text -in certificate.file


If we want, we can create a test certificate before sending the csr for authorisation. To do this, enter the following command:

openssl x509 -req -days 3650 -in server.csr -signkey server.key -out server.crt

Output you can expect to see:

Signature ok
subject=/C=GI/ST=My State/L=My Town/O=My Evil Empire/OU=EVIL/CN=evil.megalomaniac.com/Email=certs@megalomaniac.com
Getting Private key
Enter PEM pass phrase:

This creates an x509 standard crt, with the input coming from server.csr, the key used to do the signing is server.key and the output being server.crt.

Easy.

Ensure you edit httpd.conf to reflect the location of the certs.

hth.
0
 

Author Closing Comment

by:rajsolaris
ID: 31511809
Thank you for this Sir.
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

This document is written for Red Hat Enterprise Linux AS release 4 and ORACLE 10g.  Earlier releases can be installed using this document as well however there are some additional steps for packages to be installed see Metalink. Disclaimer: I hav…
Every server (virtual or physical) needs a console: and the console can be provided through hardware directly connected, software for remote connections, local connections, through a KVM, etc. This document explains the different types of consol…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
Suggested Courses

751 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question