首页>技术支持>SSL证书请求文件(CSR)生成指南 - Tenon WebTen

SSL证书请求文件(CSR)生成指南 - Tenon WebTen

重要注意事项 An Important Note Before You Start

在生成CSR文件时同时生成您的私钥,如果您丢了私钥或忘了私钥密码,则颁发证书给您后不能安装成功!您必须重新生成私钥和CSR文件,免费重新颁发新的证书。为了避免此情况的发生,请在生成CSR后一定要备份私钥文件和记住私钥密码,最好是在收到证书之前不要再动服务器。

By far the most common problem users have when going through this process is related to private keys. If you lose or cannot access a private key, you cannot use the certificate we issue to you and will need to request a free reissue. To ensure this never happens, we advise that a backup of the private key file is made and that a note is made of the password that is used to protect the export of the private key.

WebTen Key and CSR Generation

In order to obtain a server certificate, a Certificate Signing Request (CSR) must be sent to the Certificate Authority, along with other proof of identity documents.

1. Fill out the SSL Settings form within the WebTen Administration Server.

2. Submit the completed CSR to the Certificate Authority. Cut and paste the CSR from the SSL Settings form into the Thawte online form.

Your official certificate will be digitally signed and e-mailed to you by the CA.

Rename the certificate to "xx.xx.xx.xx.crt" (where is the IP address of the virtual host for which the certificate was generated),

and place the official certificate in the tenon/ssl/private folder.

The official certificate will replace the temporary self-signed certificate generated by WebTen for use prior to receipt of the official certificate.

SSL Settings

To generate a certificate request, click on the Certificate button beside the SSLSecurity entry in the WebTen Virtual Host Configuration table found here:

http://www.tenon.com/Products/webten/UserGuide2.0/8_VirtualHosts.html#11497

The SSL Settings page is a form for generating a Certificate Signing Request (CSR).

SSL Certificate Request Form

Common Name

The Common Name is the domain name of the Web server or of an IP-based virtual host.

This must be a fully qualified domain name, not an IP address or a DNS alias.

Organization Name

The Organization Name is the legal organization name.

Organizational Unit

The Organizational Unit is the department name or the name of a unit within an organization. This field is optional.

Locality

The Locality is the name of the city in which the organization resides. This field is optional.

State or Province

The State or Province is the name of the state or province in which the organization resides.

Country Code

The Country Code is a two-character country code for the country in which the organization resides.

Email Address

The Email Address is the email address of a contact or representative within this organization.

Generating a CSR

To generate a Certificate Signing Request (CSR) save the SSL Settings via the Save CSR button. This action has several effects.

If a private key for this virtual host does not exist, such a key is created and saved in a secure area in WebTen's internal file system.

The actual Certificate Signing Request information is displayed in the WebTen Administration Server.

This CSR is a X.509 formatted document which can be copied and pasted directly into Thawte's online request form.

This CSR is also saved in the tenon/ssl/certs folder in a file named xx.xx.xx.xx.csr (where is the IP address of the virtual host for which the CSR was generated).

Certificate Signing Request A temporary, self-signed certificate is created for use while your CSR is being processed by the CA.

The self-signed certificate will allow your virtual server to perform secure transactions while your official certificate request is being processed.

Notes:

Instructions can also be found at the website:

http://www.tenon.com/Products/webten/UserGuide2.0/8_VirtualHosts.html#11497

测试CSR和把CSR发给WoSign, Start the certificate request process

生成CSR后,建议您自己测试一下生成的CSR文件是否正确,请点击 这里 测试您的CSR文件。请把测试成功的CSR文件发给WoSign即可。请一定不要再动您的服务器,等待证书的颁发。

To submit the CSR to WoSign for processing you should start the certificate enrollment process.