Certificate Signing Request (CSR) Example - JohnHau/mis GitHub Wiki

Abstract Certificate Signing Request (CSR) Example

Body In an earlier blog posting "How to Create A SHA2 Certificate Signing Request (CSR)" discussed that the IBM Sterling Certificate Wizard is incapable of generating a SHA2 CSR. Since there are any number of other methods for generating a CSR we'll look at one such way. The first step is to gather the necessary information to complete the CSR form. The resulting certificate will be populated with these values using a designation common to LDAP. The information required includes the fully-qualified domain name (FQDN) , City, State, Country, Key Size and Signing Algorithm. Some CA's may require additional data or optionally allow an Organization Name and Organizational Unit. To find your FQDN you can use the "ipconfig /all" command. The following screen shot shows the values to combine to identify a system's FQDN - here that value is danal.ibm.com

Using your preferred CSR tool (here I used the SSL Store, enter the values. NOTE: do not abbreviate the state as some CA's will not accept this. For the Key Size, when you choose the length of this key you need to take into consideration what your Trading Partners will be able to support. You may have to purchase multiple certificates in order to meet the needs of your Trading Partners. In this example, I've chosen the more common length of 2048-bits.