CSR Generation: IBM HTTP Server
Generating a Certificate Signing Request (CSR) using IBM HTTP Server
- Firstly, you must create a new key database. Start the 'IKEYMAN' software - either by running the command 'IKEYMAN' or loading the GUI version.
- Select 'Key Database File' from the main menu and choose 'New'.
- Choose and enter a new Key Database name. Click 'OK'.
- Now enter and confirm a password for the Key Database. Please ensure not to forget this password.
- Now we need to use the new Key Database to create a CSR. Start IKEYMAN again, select 'Key Database File' and choose 'Open'.
- Now enter the password from Step 4 and click 'OK'.
- Select 'Create' from the main menu, and choose 'New Certificate Request'.
- A form will appear, and all the fields require completion. Click 'OK' when completed. Notes on some of the fields are:
- Key Label - simply a descriptive label for the CSR.
- Keysize - we suggest the keysize be as large as possible, preferably 2048 bit.
- Common Name - where you should enter the fully qualified domain name of the website you require the certificate for.
Note: for wildcard certificates, the Common Name should be in the format: *.mydomain.com - Country - the ISO-3166 two-letter country code for the country. 'US' for the USA, 'GB' for Great Britain, etc.
- Certificate Request Filename - the path and filename for the CSR.
- Open the CSR file with a text-editor and copy and paste the contents into the enrollment form when requested.