Follow these instructions to generate a CSR for your Web site. When you have completed
this process, you will have a CSR ready to submit to RapidSSL.com in order to be
generated into a SSL Security Certificate.
OpenSSL is the open source project that replaced SSLeay. If you are using SSLeay
on your system instead of OpenSSL, substitute ssleay with openssl for the commands.
If you are not using JDK 1.4 or higher, you must download and install "Java Secure
Socket Extensions" JSSE.
- Generate a private key with the following command:
$JAVA_HOME/bin/keytool -genkey -alias tomcat -keyalg RSA -keystore /path/to/domainname.kdb
You will be prompted for a password. Tomcat uses a default password of "changeit".
If you use a different password, you will need to specify a custom password in the
server.xml configuration file.
The next field that you will be prompted for is "What is your first and last name?"
At this prompt, you must specify the common name (FQDN) of your web site.
You will then be prompted for your organizational unit, organization, etc.
- Generate the Certificate Signing Request (CSR)
$JAVA_HOME/bin/keytool -certreq -alias tomcat -keystore /path/to/keystore.kdb -file
filename.csr
You will not be prompted for the common name, organization, etc. The keytool will
use the values that you specify when generating the private key.
- Now go to eWAY®, select your certificate product and click the relevant
Order Now button. Make sure that you have your CSR file handy - you will need this
during the enrollment process. Go through steps for purchasing a certificate and
paste your certificate request in block when prompted.
Be sure to include -----BEGIN NEW CERTIFICATE REQUEST----- and -----END NEW CERTIFICATE
REQUEST-----
- Make a backup of the keystore.kdb key database. eWAY is not responsible
if your server crashes and this file is lost.
»
Return to CSR Instruction List