Generate a Certificate Signing Request (CSR)
1. Request information from customer
Common Name (CN): (e.g. www.secureki.com)
Country (C): (e.g. MY)
State or Locality (S/L):
Organization Name (O):
Organization Unit (OU):
DNS Name: (e.g. appm.secureki.com)
2. Generate Private Key
$ keytool -genkey -alias secureki -keyalg RSA -keystore key_client.ks -keysize 2048
3. Generate CSR
$ keytool -certreq -keyalg RSA -alias secureki -file cert_server.csr -keystore key_client.ks -ext SAN=dns:secureki.com.my -sigalg SHA256withRSA
4. TWO files will be generated
- cert_server.csr
- key_client.ks
5. Send the cert_server.csr to customer to generate the SSL certificate
6. ENSURE to keep the key_client.ks file. This file will be needed to import the SSL certificate into keystore.
To import the certificate into keystore, refer [APPM]Import SSL Certificate into Keystore
To verify CSR contains the correct information, https://www.sslshopper.com/csr-decoder.html
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article