Problem
How to generate a CSR for Orion Web Server
How do I generate a CSR for an Orion Web Server
Resolution
NOTE:A key length of 1024 bit is the default, but Thawte recommends the use of a 2048 bit key.
If the request is intended for an Extended Validation certificate or a certificate with a validity period beyond December 31, 2013, the 2048 bit key length will need to be selected.
To Generate a CSR for an Orion Web Server, perform the following steps:
Orion Webserver Keygen Instructions
Creating a keystore with a certificate:
- keytool -genkey -keyalg "RSA" -keystore keystore -storepass 123456 -validity 360
- keytool -certreq -keyalg "RSA" -file my.host.com.csr -keystore keystore
- Submit your CSR to Thawte.
- Once the certificate is issued, paste it into my.host.com.cer
- keytool -keystore keystore -keyalg "RSA" -import -trustcacerts -file my.host.com.cer
You should now have a keystore file in your current directory
Creating a secure site:
- Copy the default-web-site.xml config in the /config directory to secure-web-site.xml and edit it.
- Add secure="true" as an attribute to the <web-site ...> <web-site> tag.
- Add <ssl-config keystore="../my/keystore" keystore-password="123456" /> the keystore to the main body.
- Install the site: this is done by adding %lt;web-site path="./secure-web-site.xml" /> the site to server.xml.
To install your certificate on Orion Web Server, follow the instructions in solution: SO3864