GENERATE A CSR FOR 4D WEBSTAR SERVER SUITE

 

Problem

Generate a CSR
Generate a private key

Resolution

Note:In the interest of better security and the enablement of greater trust, we have decided that 1024-bit keys will now be the minimum strength used in the issuance of Thawte digital certificates.

4D WebSTAR Server Suite / SSL Key and CSR Generation

Thawte's uses X.509 version 3 certificates, which are not supported by 4D WebSTAR Server Suite / SSL versions 2.x, and 3.x.  4D WebSTAR Server Suite / SSL 4.x does support these certificates, and works fine.

Generate a Key Pair

Use the 4D WebSTAR Server Suite Key Generator application that comes with your 4D WebSTAR Server Suite/SSL server to generate a key file containing a public/private key pair for use with your secure server.

Follow these steps:

  1. Launch the Key Generator application by double clicking its icon.
  2. Enter a password to protect the use of your key pair. 4D WebSTAR Server Suite will ask for this password when you initially launch the server.
    Do not forget this password! You'll need it later to authorize 4D WebSTAR Server Suite to use your public/private key pair. We recommend that you write it down and store it in a safe place.
    If you lose the password, you will have to purchase a new Digital ID.
  3. Click the Create Key button to generate your public/private key pair.
    Generating a key can take a few minutes.
  4. The Public/Private Key file is stored in an encrypted file.
    The file must be named "Public/Private Key" and must be stored in the same folder as the 4D WebSTAR Server Suite server.
  5. If necessary, move the Public/Private Key file to the 4D WebSTAR Server Suite folder.

GENERATE A CSR

  1. Use the Certificate Request application to enter the Certificate Signing Request information for your site.
    A Certificate Signing Request includes identifiers such as the name of your organization, department within the organization, and where the organization is located.
    It also includes the public key for your site.
  2. Your Certificate Signing Request may be rejected if the information is not properly formatted. Be sure to closely follow the conventions outlined in the instructions.
    If any of the information is improperly formatted,
    Thawte will ask you to correct it and send the request again.
  3. The Certificate Signing Request process requires that you supply an email address and certain identifying information.  All the fields are required. 

    Please do not leave out a field as this results in a CSR which cannot be processed by Thawte.  The required fields are:
    • Common Name (CN): the server's fully qualified host name (such as: hostname.foo.com)
    • Organization (O): legal, registered organization name
    • Organizational Unit (OU): optional department name
    • Locality (L): city the organization resides or is registered in
    • State or Province (ST): unabbreviated state/province name
    • Country (C): two-character country code

Follow these steps:

  1. Launch the Certificate Request application by double clicking its icon.
  2. Type the name of your Web site in the Common Name field, for example:
    www.foo.com

    Make sure that the Common Name you specify will be the actual domain name of your 4D WebSTAR Server - it will be encoded into the server certificate and cannot be changed later without purchasing a new certificate.

    Furthermore, this domain name must be the main A name entry for your machine - your certificate will not work if you use an IP address or if the domain name is a CNAME entry (DNS alias), for example.

    Contact your network administrator for guidance, if need be. 

  3. Type the name of your organization in the Organization field, for example:
    Foo Corporation
  4. Type the name of the department or other organization unit in the Org Unit field (this is compulsory - the CSR will not be accepted without it), for example:
    Support
  5. Type the name of the city or town in which your organization is located in the Locality field, for example:
    San Jose
  6. Type the name of the state or province in which the organization is located in the State/Province field, for example:
    California
    Do not abbreviate the state or province name, spell it out as shown immediately above.
  7. Type a two-letter code for the country in which you are located in the Country Code field, for example:
    US
    Do not spell out the country name, use a 2-letter code. The code for the United States is US.
    For Canada, the code is CA. For international DID country codes, check here.
  8. Type the email address of the site's Webmaster in the email Address field, for example:

    [email protected]
  9. In the Phone Number field, type a phone number where Thawte can reach you. Type your fax number in the FAX Number field.

    The email Address, Phone Number, and FAX Number fields are not part of the certificate. Thawte uses these fields to contact you if it finds a problem with the certificate request.
  10. Click Select Key File and select the Public/Private Key File you created.
  11. Enter the password required to access your public/private key pair (the password you entered when generating the key pair, as described in "Generate a Public/Private Key" on page 24).
  12. Click the Create button to generate your encrypted certificate request form.

    The application creates a file named "Certificate Request" and then quits.

See the 4D WebSTAR Server Suite Installation Guide for further information about installing and setting up your 4D WebSTAR Server.

Was this answer helpful? 0 Users Found This Useful (0 Votes)