Solved

How to generate the CSR Certificate signing request  for Solaris and linux ( Redhat Hat ) ?

Posted on 2008-10-30
3
4,783 Views
Last Modified: 2013-12-21
Hi Experts,

Have some one Generated a CSR file (Certificate signing Request ) for
Solaris 10 and RHEL - 4 with Verisign. Please help me with this.

ASAP...... Thnaks all.
0
Comment
Question by:rajsolaris
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 43

Expert Comment

by:ravenpl
ID: 22845032
You have to use openssl for that. Lot's of howtos out there on the google.
http://sial.org/howto/openssl/csr/
0
 
LVL 13

Accepted Solution

by:
Rowley earned 500 total points
ID: 22848281
From my notes:

openssl on my system is found in /usr/local/ssl/bin

To create a server key you need to enter the following commands at the command line and follow the prompts.
      
openssl genrsa -des3 -out server.key 1024

If you dont have the random seed patch installed on your system then you will need to get it and install it. You can easily check by looking to see whether /dev/random or /dev/urandom exists.

Youll get the following appear on screen at which point you will be prompted to enter PEM passphrase:

Generating RSA private key, 1024 bit long modulus
....................++++++
...++++++
e is 65537 (0x10001)
Enter PEM pass phrase:

We usually use the password thisisntactuallythepassword.
This creates a triple DES algorithm encrypted private key of 1024 bits called server.key.

openssl req -new -key server.key -out server.csr

The following output can be expected:

Using configuration from /usr/local/ssl/openssl.cnf
Enter PEM pass phrase:
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:GB
State or Province Name (full name) [Some-State]:My State
Locality Name (eg, city) []:My Town
Organization Name (eg, company) [Internet Widgits Pty Ltd]:My Evil Empire
Organizational Unit Name (eg, section) []:EVIL
Common Name (eg, YOUR name) []:evil.megalomaniac.com
Email Address []:certs@megalomaniac.com

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:

This creates a certificate request file (server.csr) using the private key we created (server.key). We then send this information off to a CA,  mine is currently Thawte, so that they can publicly sign it and then provide the certificate (server.crt). You can verify the certificate by opening it from within windows or issuing

openssl x509 -noout -text -in certificate.file


If we want, we can create a test certificate before sending the csr for authorisation. To do this, enter the following command:

openssl x509 -req -days 3650 -in server.csr -signkey server.key -out server.crt

Output you can expect to see:

Signature ok
subject=/C=GI/ST=My State/L=My Town/O=My Evil Empire/OU=EVIL/CN=evil.megalomaniac.com/Email=certs@megalomaniac.com
Getting Private key
Enter PEM pass phrase:

This creates an x509 standard crt, with the input coming from server.csr, the key used to do the signing is server.key and the output being server.crt.

Easy.

Ensure you edit httpd.conf to reflect the location of the certs.

hth.
0
 

Author Closing Comment

by:rajsolaris
ID: 31511809
Thank you for this Sir.
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article will explain how to establish a SSH connection to Ubuntu through the firewall and using a different port other then 22. I have set up a Ubuntu virtual machine in Virtualbox and I am running a Windows 7 workstation. From the Ubuntu vi…
FreeBSD on EC2 FreeBSD (https://www.freebsd.org) is a robust Unix-like operating system that has been around for many years. FreeBSD is available on Amazon EC2 through Amazon Machine Images (AMIs) provided by FreeBSD developer and security office…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
How to Install VMware Tools in Red Hat Enterprise Linux 6.4 (RHEL 6.4) Step-by-Step Tutorial
Suggested Courses

632 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question