Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision		Previous revision
Last revisionBoth sides next revision
cloudappliance/createcsr [2018_05_17 00:04] – created stevencloudappliance:createcsr [2024_03_18 19:54] steven
Line 1: Line 1:
-Log in as smeconfiguser than become root+====== Creating a CSR (Certificate Signing Request) ======
  
-    openssl req -new -newkey rsa:2048 -nodes -out tuamdocs_directroute_ie.csr -keyout tuamdocs_directroute_ie.key -subj "/C=US/ST=Munster/L=Limerick/O=Directroute/OU=IT/CN=tuamdocs.directroute.ie"+Log in as smeconfiguser then become root 
 + 
 +Generate a config file we'll use, update the <server fqdn> with the URL you'd like to use for access.  
 +     
 +vim san.cnf 
 +     
 +    [ req ] 
 +    default_bits       = 2048 
 +    distinguished_name = req_distinguished_name 
 +    req_extensions     = req_ext 
 +    [ req_distinguished_name ]  
 +    countryName                 = Country Name (2 letter code) 
 +    stateOrProvinceName         = State or Province Name (full name) 
 +    localityName               = Locality Name (eg, city) 
 +    organizationName           = Organization Name (eg, company) 
 +    commonName                 = Common Name (POC Server FQDN) 
 +    [ req_ext ] 
 +    subjectAltName = @alt_names 
 +    [alt_names] 
 +    DNS.1   = <server fqdn> 
 + 
 +Next we'll use this config file and generate a key and csr, please fill out the releavnt locality info during this setup:  
 +   openssl req -out server.csr -newkey rsa:2048 -nodes -keyout private.key -config san.cnf
  
 This will generate 2 files: This will generate 2 files:
    
-    tuamdocs_directroute_ie.key +    private.key 
-    tuamdocs_directroute_ie.csr+    server.csr
  
-Copy the file tuamdocs_directroute_ie.key to the private certs folder+Copy the file private.key to the private certs folder
  
-    cp tuamdocs_directroute_ie.key /etc/pki/tls/private/+    cp private.key /etc/pki/tls/private/
  
 Ensure the file is in the proper location before deleting it: Ensure the file is in the proper location before deleting it:
  
-    cat /etc/pki/tls/private/tuamdocs_directroute_ie.key+    cat /etc/pki/tls/private/private.key
  
-    rm tuamdocs_directroute_ie.key+    rm private.key
  
 Send the CSR to the Certificate Authority of choice Send the CSR to the Certificate Authority of choice
  
-    cat tuamdocs_directroute_ie.csr+    cat  server.csr
  
 The certificate authority will reply with a signed public key and intermediary certs. The certificate authority will reply with a signed public key and intermediary certs.
-These can be uploaded to the File Fabric.+ 
 + 
© Copyright 2024 Nasuni.