WoSign,making the internet more secure and trusted!
home>Support>CSR Generation Instruction - C2net Stronghold

CSR Generation Instruction - C2net Stronghold

An Important Note Before You Start

By far the most common problem users have when going through this process is related to private keys. If you lose or cannot access a private key, you cannot use the certificate we issue to you and will need to request a free reissue. To ensure this never happens, we advise that a backup of the private key file is made and that a note is made of the password that is used to protect the export of the private key.

Stronghold Key and CSR Generation

Stronghold keys and certificates are managed through three scripts:

genkey, getca and genreq.

These are part of the normal Stronghold distribution.

Keys and certificates are stored in the directory $SSLTOP/private /, where SSLTOP is usually /usr/local/ssl .

If you don't yet have a key for your server:

Type genkey servername to create a key called servername.key in the ssl/private directory. This script will also generate a CSR: follow the instructions given there and choose Thawte as your CA. When you are done, make sure you have a backup of the entire ssl/private directory of your Stronghold installation. Your certificate will not work if you lose the private key you just generated.

If you already have a key for your server:

Type genreq servername to generate only a CSR.

Again, choose Thawte as your CA and follow the instructions to get the CSR for pasting into our online request form.

Once you have been issued with a certificate, you should use the getca servername < certfile command to install the certificate.

Start the certificate request process

To submit the CSR to WoSign for processing you should start the certificate enrollment process.