CSR Generation Instruction - Lotus Domino Go
An Important Note Before You Start
By far the most common problem users have when going through this process is related to private keys. If you lose or cannot access a private key, you cannot use the certificate we issue to you and will need to request a free reissue. To ensure this never happens, we advise that a backup of the private key file is made and that a note is made of the password that is used to protect the export of the private key.
To generate a CSR for Lotus Domino Go follow the instructions below:
Since Thawte is not a default CA for Domino Go version 4.6.x, you need to install our root certificate before proceeding with your request. The root certificate contains the key that is used to verify the signatures on the certificates we issue. It is the same root that is embedded in Navigator and MSIE.
Step 1: Embed Thawte Root Certificate
The Thawte Root can be located at the following link : www.wotrust.com/support/root.htm
It is a text file. Save it on your server hard drive. Then go to the Administration interface of your web server. Underneath the "Security" configuration section of your server you will see a link called "Receive Certificate". Go there. You will need to specify your current keyring file and pass phrase, and ask it to install the root certificate that you saved on your hard drive.
Step 2: Mark the Thawte Root as a trusted root
Under "Security" again you will see a link called "Key Management".
You will need to specify the key ring password.
Select "Designate Trusted Root Keys".
The Thawte root will be listed in X.400 format.
Select it, then press Apply.
The Thawte root is now a trusted CA for your server.
Step 3: Generate your own key and CSR
Thawte will only accept a PKCS#10 CSR.
Go the the"Create Keys" link on the Admin page under "Security".
Choose "Other" as your CA.
On the next page, DO NOT GIVE A POSTAL CODE.
Specify your country as the two-letter code in UPPER CASE.
Give your full state name if you are in the USA. Don't mail the certificate request to the CA, you are going to save it to a file instead.
Make a note where you saved it (the default is C:\WWW\Bin\CertReq.txt). That file is what you paste into our forms - it is your CSR.
Start the certificate request process
To submit the CSR to WoSign for processing you should start the certificate enrollment process.