Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

How to generate the CSR Certificate signing request  for Solaris and linux ( Redhat Hat ) ?

Posted on 2008-10-30
3
Medium Priority
?
4,917 Views
Last Modified: 2013-12-21
Hi Experts,

Have some one Generated a CSR file (Certificate signing Request ) for
Solaris 10 and RHEL - 4 with Verisign. Please help me with this.

ASAP...... Thnaks all.
0
Comment
Question by:rajsolaris
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 43

Expert Comment

by:ravenpl
ID: 22845032
You have to use openssl for that. Lot's of howtos out there on the google.
http://sial.org/howto/openssl/csr/
0
 
LVL 13

Accepted Solution

by:
Rowley earned 2000 total points
ID: 22848281
From my notes:

openssl on my system is found in /usr/local/ssl/bin

To create a server key you need to enter the following commands at the command line and follow the prompts.
      
openssl genrsa -des3 -out server.key 1024

If you dont have the random seed patch installed on your system then you will need to get it and install it. You can easily check by looking to see whether /dev/random or /dev/urandom exists.

Youll get the following appear on screen at which point you will be prompted to enter PEM passphrase:

Generating RSA private key, 1024 bit long modulus
....................++++++
...++++++
e is 65537 (0x10001)
Enter PEM pass phrase:

We usually use the password thisisntactuallythepassword.
This creates a triple DES algorithm encrypted private key of 1024 bits called server.key.

openssl req -new -key server.key -out server.csr

The following output can be expected:

Using configuration from /usr/local/ssl/openssl.cnf
Enter PEM pass phrase:
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:GB
State or Province Name (full name) [Some-State]:My State
Locality Name (eg, city) []:My Town
Organization Name (eg, company) [Internet Widgits Pty Ltd]:My Evil Empire
Organizational Unit Name (eg, section) []:EVIL
Common Name (eg, YOUR name) []:evil.megalomaniac.com
Email Address []:certs@megalomaniac.com

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:

This creates a certificate request file (server.csr) using the private key we created (server.key). We then send this information off to a CA,  mine is currently Thawte, so that they can publicly sign it and then provide the certificate (server.crt). You can verify the certificate by opening it from within windows or issuing

openssl x509 -noout -text -in certificate.file


If we want, we can create a test certificate before sending the csr for authorisation. To do this, enter the following command:

openssl x509 -req -days 3650 -in server.csr -signkey server.key -out server.crt

Output you can expect to see:

Signature ok
subject=/C=GI/ST=My State/L=My Town/O=My Evil Empire/OU=EVIL/CN=evil.megalomaniac.com/Email=certs@megalomaniac.com
Getting Private key
Enter PEM pass phrase:

This creates an x509 standard crt, with the input coming from server.csr, the key used to do the signing is server.key and the output being server.crt.

Easy.

Ensure you edit httpd.conf to reflect the location of the certs.

hth.
0
 

Author Closing Comment

by:rajsolaris
ID: 31511809
Thank you for this Sir.
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In my business, I use the LTS (Long Term Support) versions of Linux. My workstations do real work, and so I rarely have the patience to deal with silly problems caused by an upgraded kernel that had experimental software on it to begin with from a r…
The purpose of this article is to show how we can create Linux Mint virtual machine using Oracle Virtual Box. To install Linux Mint we have to download the ISO file from its website i.e. http://www.linuxmint.com. Once you open the link you will see …
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
How to Install VMware Tools in Red Hat Enterprise Linux 6.4 (RHEL 6.4) Step-by-Step Tutorial
Suggested Courses

721 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question