WoSign,making the internet more secure and trusted!
home>Support>CSR Generation Instruction - Jetty Java HTTP Servlet Web Server

CSR Generation Instruction - Jetty Java HTTP Servlet Web Server

An Important Note Before You Start

By far the most common problem users have when going through this process is related to private keys. If you lose or cannot access a private key, you cannot use the certificate we issue to you and will need to request a free reissue. To ensure this never happens, we advise that a backup of the private key file is made and that a note is made of the password that is used to protect the export of the private key.

To generate a CSR for Jetty Java HTTP Servlet Web Server follow the instructions below:

1. Generate a Keystore and a Keyentry (Private Key):

Using the JDK Tool, Keytool, used by Protekt.

keytool -genkey -keyalg RSA -keystore [keystore_name_here] -alias [keyentry_name_here]

Choose a password for the Keystore and enter it when prompted to do so.

Enter keystore password: password

What is your first and last name?

[Unknown]: www.yourdomainnamehere.com

What is the name of your organizational unit?

[Unknown]: Your Organizational Unit Here

What is the name of your organization?

[Unknown]: Your Organization Name Here

What is the name of your City or Locality?

[Unknown]: Your City or Locality Here

What is the name of your State or Province?

[Unknown]: Your State or Province Here

What is the two-letter country code for this unit?

[Unknown]: US

Is CN=www.yourdomainnamehere.com, OU=Your Organizational Unit Here, O=Your Organization Name Here, L=Your City or Locality Here, ST=Your State or Province Here, C=US correct?

[no]: yes

Enter key password for

(RETURN if same as keystore password):

You can either specify the same password you set on the keystore or specify a different password.

Note that a Keystore and a Keyentry has just been created. The Keystore will be stored in your JDK/bin directory (used by Protekt). Create a copy of the Keystore file and store it on a removable disk for safe keeping in case of a server crash.

Please run the following command to make sure that you can read the file and view the Keyentry:

keytool -list -keystore [keystore_name_here]

2. Backup Keystore file:

To backup the keystore file with the keyentry just created, please refer to the following the manual.

3. Generate a CSR off the Keyentry:

keytool -certreq -Keystore [Keystore_name_here] -alias [Keyentry_name_here] -file [csr_name_here]

Enter keystore password: password

Locate the CSR file as you will require it in the step that follows.

Start the certificate request process

To submit the CSR to WoSign for processing you should start the certificate enrollment process.